Exploit the possiblities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2016-09-19

ZineBasic 1.1 Remote File Disclosure
Posted Sep 19, 2016
Authored by bd0rk

ZineBasic version 1.1 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 05acf0c8fbbad25af2e5dafc83d8d9f1
EMC VNX2 / VNX1 / VNXe / Celerra Weak Nonce
Posted Sep 19, 2016
Site emc.com

SMB implementations in EMC Celerra, VNX1, VNX2 and VNXe are affected by an NTLM authentication weak nonce vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC VNX2 File OE versions prior to 8.1.9.155, EMC VNX1 File OE versions prior to 7.1.80.3, and all supported versions of EMC VNXe and EMC Celerra are affected.

tags | advisory
advisories | CVE-2016-0917
MD5 | bc74c33e0c798244812843b766dd1174
Ubuntu Security Notice USN-3084-4
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-4 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
MD5 | c4e2f5ed62b20a84d9df1b6445098db4
Ubuntu Security Notice USN-3084-3
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-3 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
MD5 | d68fc9bc85febfeab897101df79fdc9b
Ubuntu Security Notice USN-3084-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-2 - USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
MD5 | 2fdbed27e96c30c4f097c89ab6597933
Ubuntu Security Notice USN-3084-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-1 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
MD5 | 1677a674318545bd72f55fe55853a1fa
Ubuntu Security Notice USN-3083-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3083-1 - Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8767, CVE-2016-3841
MD5 | 3f50e0990d10eba3e8127b80efbdec63
Ubuntu Security Notice USN-3082-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3082-1 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-3857
MD5 | 5f036e8328bee9852f4428aff6684a8c
Ubuntu Security Notice USN-3083-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3083-2 - USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8767, CVE-2016-3841
MD5 | 9e3469db49bf81a2b2030ce192723c06
Ubuntu Security Notice USN-3082-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3082-2 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-3857
MD5 | ad7accef5008baa608274fdc19aa8fe1
Ubuntu Security Notice USN-3081-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3081-1 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. This update also reverts a change in behavior introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

tags | advisory, remote, root
systems | linux, ubuntu
advisories | CVE-2016-1240
MD5 | 17f1f2cba06a4ff91bdb32fe6fc539ca
WordPress Neosense Theme 1.7 Shell Upload
Posted Sep 19, 2016
Authored by Walter Hop

WordPress Neosense theme version 1.7 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell
MD5 | f2ba5d09e06ff571c9fdd1a1f2317297
EMC Avamar Data Store / Virtual Edition Command Injection
Posted Sep 19, 2016
Site emc.com

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 7.3 contain fixes for multiple vulnerabilities. These vulnerabilities may expose the Avamar clients and servers to potentially be compromised by malicious users. They include improper authentication, improper encryption, privilege escalation, and command injection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2016-0903, CVE-2016-0904, CVE-2016-0905, CVE-2016-0920, CVE-2016-0921
MD5 | 364838f315df52b7acfba2564556cab9
ShoreTel Connect ONSITE Blind SQL Injection
Posted Sep 19, 2016
Authored by Iraklis Mathiopoulos

ShoreTel Connect ONSITE versions 20.xx.xxxx.x and 21.xx.xxxx.x up to 21.79.4311.0 suffer from an unauthenticated remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f79a4ca30062360e0dd39f25e54313b7
EKG Gadu 1.9~pre+r2855-3+b1 Local Buffer Overflow
Posted Sep 19, 2016
Authored by Juan Sacco

EKG Gadu versions 1 through 1.9~pre+r2855-3+b1 suffer from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | 5dfc4e6776e3a7421bd1664d0d7d5e0c
MetInfo 3.0 SQL Injection
Posted Sep 19, 2016
Authored by indoushka

MetInfo version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0c809902fc3e7ed21cd43e9abf5e5a58
CodeCanyon iBilling 2.4 Cross Site Scripting
Posted Sep 19, 2016
Authored by indoushka

CodeCanyon iBilling version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 343ca04a81cacbe826de3083577f632e
ECShop 2.7.2 Open Redirect
Posted Sep 19, 2016
Authored by indoushka

ECShop version 2.7.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 7b7e072b4cb8e0453ee8e2a197126c12
Coupon CMS 5.00 Open Redirect
Posted Sep 19, 2016
Authored by indoushka

Coupon CMS version 5.00 suffers from an open redirection vulnerability.

tags | exploit
MD5 | d5f89847445c4e11e3559692f3eaedc9
VMWare Workstation vprintproxy.exe JPEG2000 Handling Memory Corruption
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from multiple memory corruption and other crashes in the handling of JPEG2000 images.

tags | exploit
advisories | CVE-2016-7084
MD5 | d416b74e2b1461ed4f8830ff94d036dd
VMWare Workstation vprintproxy.exe EMF Double-Free
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from a double-free in the handling of EMF (EMR_SMALLTEXTOUT record).

tags | advisory
advisories | CVE-2016-7082
MD5 | eca06b738779d9505c2da6b62c94a430
VMWare Workstation vprintproxy.exe TrueType NAME Heap Buffer Overflow
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from a heap buffer overflow vulnerability in the handling of TrueType NAME tables.

tags | exploit, overflow
advisories | CVE-2016-7083
MD5 | e6f142791cc32ae931c14a224f86f10e
ComActivity 2.14.35 Cross Site Scripting
Posted Sep 19, 2016
Authored by indoushka

ComActivity version 2.14.35 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8fab8da5812d8d47ee8b56981a20aa61
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close