what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files Date: 2016-07-02

Ubuntu 16.04 Netfilter target_offset Out-Of-Bounds Local Root
Posted Jul 2, 2016
Authored by Vitaly Nikolenko

Ubuntu Linux 16.04 local root exploit that leverages a netfilter target_offset out-of-bounds vulnerability.

tags | exploit, local, root
systems | linux, ubuntu
SHA-256 | 688cfd5435b7e62582a5df7460ede157064887278deba6b8db8ec8bd923aa20b
Debian Security Advisory 3615-1
Posted Jul 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3615-1 - Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-5350, CVE-2016-5351, CVE-2016-5353, CVE-2016-5354, CVE-2016-5355, CVE-2016-5356, CVE-2016-5357, CVE-2016-5359
SHA-256 | d1c067496b4eef4dd1c1d0776f312a421876b196e12462a320ad7caa30202eea
Debian Security Advisory 3613-1
Posted Jul 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3613-1 - Vivian Zhang and Christoph Anton Mitterer discovered that setting an empty VNC password does not work as documented in Libvirt, a virtualisation abstraction library. When the password on a VNC server is set to the empty string, authentication on the VNC server will be disabled, allowing any user to connect, despite the documentation declaring that setting an empty password for the VNC server prevents all client connections. With this update the behaviour is enforced by setting the password expiration to "now".

tags | advisory
systems | linux, debian
advisories | CVE-2016-5008
SHA-256 | 40eb5793bb6cd89796053333ac3de675058f4fe68e4a83f76ae3ad3bb8c56d4e
Debian Security Advisory 3614-1
Posted Jul 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3614-1 - The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications. A remote attacker can take advantage of this flaw by sending file upload requests that cause the HTTP server using the Apache Commons Fileupload library to become unresponsive, preventing the server from servicing other requests.

tags | advisory, remote, web, denial of service, file upload
systems | linux, debian
advisories | CVE-2016-3092
SHA-256 | 8dbdb645982cfd7d0be2c190d07143c9f61b91668bd2ea676e951e673b8b3ff3
Apache Qpid Untrusted Input Deserialization
Posted Jul 2, 2016
Authored by Matthias Kaiser

When applications call getObject() on a consumed JMS ObjectMessage they are subject to the behaviour of any object deserialization during the process of constructing the body to return. Unless the application has taken outside steps to limit the deserialization process, they can't protect against input that might try to make undesired use of classes available on the application classpath that might be vulnerable to exploitation. Apache Qpid AMQP 0-x JMS client versions 6.0.3 and earlier and Qpid JMS (AMQP 1.0) client versions 0.9.0 and earlier are affected.

tags | advisory
advisories | CVE-2016-4974
SHA-256 | a334cb653669fa548ee6ab3108c37becded85013ee84bdec62a00650922edf5e
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close