Red Hat Security Advisory 2016-1406-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.
a8891b80853682172af10fa5a785dbf0This Metasploit module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12 32 and 64 bit. This Metasploit module will only work against those versions of Windows with Powershell 2.0 or later and systems with two or more CPU cores.
37a34759947c810455938c65ab482084This Metasploit module exploits a file upload vulnerability in Tiki Wiki versions 15.1 and below which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The issue comes with one of the 3rd party components. Name of that components is ELFinder -version 2.0-. This components comes with default example page which demonstrates file operations such as upload, remove, rename, create directory etc. Default configuration does not force validations such as file extension, content-type etc. Thus, unauthenticated user can upload PHP file. The exploit has been tested on Debian 8.x 64-bit and Tiki Wiki 15.1.
75ff5f78056283806bf48c4b08b4edfcWordPress Easy Forms for MailChimp plugin version 6.0.5.5 suffers from a local file inclusion vulnerability.
65adab6988ef66974433f81b2a78efe0WordPress WP Fastest Cache plugin version 0.8.5.9 suffers from a local file inclusion vulnerability.
760e7ccd799a73ce964210f524693a92WordPress Profile Builder plugin version 2.4.0 suffers from a cross site scripting vulnerability.
530c5006d6d3bf18d1fc959b8eefc661WordPress Master Slider - Responsive Touch Slider plugin version 2.7.1 suffers from a cross site scripting vulnerability.
667da316aac28a0b009da188f9088e27WordPress Email Users plugin version 4.8.2 suffers from a cross site scripting vulnerability.
3023cf48133ae94c6b7deb2665edda0aThis bulletin summary lists eleven released Microsoft security bulletins for July, 2016.
a53a0f8e15d6770b8345713085bd52d7Ubuntu Security Notice 3031-1 - Yves Younan discovered that Pidgin contained multiple issues in the MXit protocol support. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code.
bee9450b7cbf321fb800b570e7930ee0Apache Archiva version 1.3.9 suffers from a cross site scripting vulnerability.
49af5bfe6cafae1122d621ea5294c340Apache Archiva version 1.3.9 suffers from a cross site request forgery vulnerability.
bb5f2cae376e13ae271a747583391445Red Hat Security Advisory 2016-1395-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fix: A flaw was discovered in the way the Linux kernel's TTY subsystem handled the tty shutdown phase. A local, unprivileged user could use this flaw to cause denial of service on the system by holding a reference to the ldisc lock during tty shutdown, causing a deadlock.
9abd5a4bf2df041607dd68d43abe0148HP Security Bulletin HPSBHF03608 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HPE iMC PLAT and other network products. The vulnerability could be exploited remotely to allow execution of arbitrary code. Revision 1 of this advisory.
97e0258d6c0b3fa75e77317a3813f960WordPress WP Job Manager plugin version 1.25 suffers from a remote shell upload vulnerability.
a608a5a847db36eebef7b79660c84b96Clinic Management System suffers from an unauthenticated remote blind SQL injection vulnerability.
ead48c8458bb1fc093da100028c262edBeauty Parlour and SPA Saloon Management System suffers from an unauthenticated blind remote SQL injection vulnerability.
1e2148e3a3cb4d4c768bd849accb2171This Metasploit module exploits three separate vulnerabilities found in the Riverbed SteelCentral NetProfiler/NetExpress virtual appliances to obtain remote command execution as the root user. A SQL injection in the login form can be exploited to add a malicious user into the application's database. An attacker can then exploit a command injection vulnerability in the web interface to obtain arbitrary code execution. Finally, an insecure configuration of the sudoers file can be abused to escalate privileges to root.
43250fc531037c614242f3fd33ba0a4aBlue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
5aa37d7a933381d2b3981641c5bc2327Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.
6414f9b910303b38e74608648f709f68Bug Tracker version 2.7.1 suffers from a database name and credential disclosure vulnerability.
d35b56c9d9e442796bdce2b50d836c80
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed