Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2016-10-05

Cisco Firepower Threat Management Console Local File Inclusion
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a local file inclusion vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, local, file inclusion
systems | cisco, linux
advisories | CVE-2016-6435
MD5 | f66c142008bc325652e1cfe8d2c5ea73
Ubuntu Security Notice USN-3096-1
Posted Oct 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3096-1 - Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue to perform an impersonation attack. Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled memory. An attacker could possibly use this issue to cause ntpq to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-0727, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956
MD5 | 9b3aea2f08c5b95113b7d617304a06df
Cisco Firepower Threat Management Command Execution
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a remote command execution vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, remote
systems | cisco, linux
advisories | CVE-2016-6433
MD5 | b3a07df7474fe7e9d75439898695272a
Cisco Firepower Threat Management Console Denial Of Service
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a denial of service vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, denial of service
systems | cisco, linux
MD5 | 55b7b9e8a15c6a1f671e6bcf0ad3c869
Cisco Security Advisory 20161005-bgp
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly.

tags | advisory, remote, denial of service, protocol
systems | cisco
MD5 | 9fc4e49d47735f735bf881b995176b39
HP Security Bulletin HPSBGN03639 1
Posted Oct 5, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03639 1 - A potential security vulnerability has been identified in HPE KeyView. The vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2016-4387, CVE-2016-4388, CVE-2016-4389, CVE-2016-4390
MD5 | 55fa11a8988bdcd1c44b73d9a200a031
Cisco Security Advisory 20161005-dhcp2
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
MD5 | bdbcf42c7f507401c5ed01a9f326b0bb
Cisco Security Advisory 20161005-dhcp1
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
MD5 | d3eff152bfb27d8637de788d68688d40
Red Hat Security Advisory 2016-2008-01
Posted Oct 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2008-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.1 will be retired as of March 31, 2017, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 7.1 EUS after March 31, 2017.

tags | advisory
systems | linux, redhat
MD5 | 0cd9bcb22991936bb335d1882a350e75
Red Hat Security Advisory 2016-2007-01
Posted Oct 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2007-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 53.0.2785.143. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5177, CVE-2016-5178
MD5 | a100ef7d99a651cac31fd9e77325be08
Flash Operator Panel 2.31.03 Script Insertion
Posted Oct 5, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Flash Operator Panel version 2.31.03 suffers from a script insertion vulnerability.

tags | exploit
MD5 | 888706659d8f875ef4162c20cfd49754
Cyberoam iview UTM 0.1.2.7 Cross Site Scripting
Posted Oct 5, 2016
Authored by Lawrence Amer | Site vulnerability-lab.com

Cyberoam iview UTM version 0.1.2.7 suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss
MD5 | 26873812db08afc14ab4a45db841b404
Clean Master 1.0 Privilege Escalation
Posted Oct 5, 2016
Authored by ZwX

Clean Master version 1.0 suffers from an unquoted path privilege escalation vulnerability.

tags | exploit
MD5 | 5db726e0aed2710659ccd1760951e176
Cisco Firepower Threat Management Console Hard-Coded MySQL Credentials
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console has hard-coded MySQL credentials in use. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit
systems | cisco, linux
advisories | CVE-2016-6434
MD5 | 86b5a4ced799ba4cb53d202a3316365b
Cisco Security Advisory 20161005-nxaaa
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affected device during the negotiation of an SSH connection. An attacker could exploit this vulnerability by authenticating to an affected device and passing a malicious value as part of the login procedure. A successful exploit could allow an attacker to bypass AAA restrictions and execute commands on the device command-line interface (CLI) that should be restricted to a different privileged user role. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote
systems | cisco
MD5 | cc72ee4edc339277831af2664c976bc3
FortKnox Personal Firewall 2015 Privilege Escalation
Posted Oct 5, 2016
Authored by zeifan

FortKnox Personal Firewall version 2015 build 16.0.405.0 suffers from a privilege escalation vulnerability.

tags | advisory
MD5 | 46d1de2721e9fccce2a0524f24a57a0e
Abyss Web Server X1 2.11.1 Privilege Escalation
Posted Oct 5, 2016
Authored by Tulpa

Abyss Web Server X1 version 2.11.1 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit, web
MD5 | f0b0aff0a88bb4d5bedd537d5129bc17
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close