Files Date: 2016-10-26

Hewlett Packard TouchSmart Calendar Service 4.1.4245 Privilege Escalation
Posted Oct 26, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Hewlett Packard TouchSmart Calendar Service version 4.1.4245 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 3ac401606b82093bdf7d0f6ed07c11956a60eeff288f08c6ee1a8ff970f7d3a8

Red Hat Security Advisory 2016-2117-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2117-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.

tags | advisory, remote, javascript, xss
systems | linux, redhat
advisories | CVE-2016-6519
SHA-256 | e3745470c67fadf948bd32c8e4a2199fc2b2887dc551d030c708eae080865c05

Red Hat Security Advisory 2016-2115-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2115-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.

tags | advisory, remote, javascript, xss
systems | linux, redhat
advisories | CVE-2016-6519
SHA-256 | d404a42f76e49cbb35e2255dc2c142aa737b8716fe2629ad07586e19e27d0604

Red Hat Security Advisory 2016-2116-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2116-01 - OpenStack's File Share Service provides the means to easily provision shared file systems that can be consumed by multiple instances. These shared file systems are provisioned from pre-existing, back-end volumes. The UI component provides the dashboard plugin for the service. Security Fix: A cross-site scripting flaw was discovered in openstack-manila-ui's Metadata field contained in its "Create Share" form. A user could inject malicious HTML/JavaScript code that would then be reflected in the "Shares" overview. Remote, authenticated, but unprivileged users could exploit this vulnerability to steal session cookies and escalate their privileges.

tags | advisory, remote, javascript, xss
systems | linux, redhat
advisories | CVE-2016-6519
SHA-256 | 31f6ebcd49229370b7f2900ffe40967c957825bf8faed803d57574a2a24010a2

Red Hat Security Advisory 2016-2118-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2118-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
SHA-256 | 1d008d08d3526b0ffa83651d4b071d5210184d075bdf650210f7f1f6b648c8e1

Boonex Dolphin 7.3 Authentication Bypass
Posted Oct 26, 2016
Authored by Saadat Ullah

Boonex Dolphin versions 7.3 and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 4658d77329bd114fa95331dde278b6549957a93549ef1cd5bc18ffce0cce9541

XNU task_t Privilege Escalation
Posted Oct 26, 2016
Authored by Google Security Research, Ian Beer

task_t should be considered harmful and can lead to many XNU elevations of privilege.

tags | exploit
SHA-256 | 0c7485685996e007a105a58f511a032918e4823a30285759e8c6228026ef145c

Komfy Switch With Camera DKZ-201S/W Password Disclosure
Posted Oct 26, 2016
Authored by Jason Doyle

Komfy Switch with Camera DKZ-201S/W suffers from a wifi password disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 2da0e907e5d7be055bcb38088af54f4f1eb0cc34e40a905e6567878159a08836

SmallFTPd 1.0.3 mkd Denial Of Service
Posted Oct 26, 2016
Authored by Greg Priest

SmallFTPd version 1.0.3 suffers from a mkd command denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | fa4ff306f7fbdcb83d7b886e6ee4d9a7b3a392048f65279003d6fb7e02362261

VMware Security Advisory 2016-0017
Posted Oct 26, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0017 - VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.

tags | advisory, info disclosure
systems | apple, osx
advisories | CVE-2016-5328, CVE-2016-5329
SHA-256 | 82f0e1af00fb6e2af214a5e6c766e4e7e88cf51a23089d7017258dbcdc5e27c0

Ubuntu Security Notice USN-3114-1
Posted Oct 26, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3114-1 - Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges.

tags | advisory, remote, root
systems | linux, ubuntu
advisories | CVE-2016-1247
SHA-256 | b116940b951075c00e94c3de886a4e2f0c25b77a5edd4f0f00d61be294b8bf2a

Red Hat Security Advisory 2016-2110-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2110-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195, CVE-2016-7039
SHA-256 | dcb514850d3e86a0c0273e24a7a5b145048460862812fbb5c3e3ddf06f017608

Red Hat Security Advisory 2016-2107-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2107-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195, CVE-2016-7039
SHA-256 | 33d5c8940413003820f7b55af52c789b3ed4135d6da091b3d1299239046aef04

Red Hat Security Advisory 2016-2106-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2106-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
SHA-256 | 5ee1932f3bf165b0bb1f48c26d8572a4bd55b15c4d79be49b93713ccf71d6ef3

Red Hat Security Advisory 2016-2105-01
Posted Oct 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2105-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
SHA-256 | 82319b31d25b01b70ae1f1ab268edba99ed29d75de112ac3332d7917a2aa2053

Debian Security Advisory 3700-1
Posted Oct 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3700-1 - Multiple vulnerabilities have been discovered in Asterisk, an open source PBX and telephony toolkit, which may result in denial of service or incorrect certificate validation.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-3008, CVE-2016-2232, CVE-2016-2316, CVE-2016-7551
SHA-256 | 9125c031bfa6573eba2f15a412d4b3e1902eae3695ad7cf7b0b301df9690d239

Debian Security Advisory 3701-1
Posted Oct 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3701-1 - Dawid Golunski reported the nginx web server packages in Debian suffered from a privilege escalation vulnerability (www-data to root) due to the way log files are handled. This security update changes ownership of the /var/log/nginx directory to root. In addition, /var/log/nginx has to be made accessible to local users, and local users may be able to read the log files themselves until the next logrotate invocation.

tags | advisory, web, local, root
systems | linux, debian
advisories | CVE-2016-1247
SHA-256 | 45ba3a4a7a68c140419a5e245940ef54a4d56ffe54aff33299bf6d93353b5f49

BigTree CMS 4.2.13 Cross Site Request Forgery
Posted Oct 26, 2016
Authored by Amir.ght

BigTree CMS version 4.2.13 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 85a2cfd2a1bc40c7a4881a325ba67c796d3788fdcc55f5821e62f64dd87ed4b8

Falco 0.4.0
Posted Oct 26, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Improved visibility into containers. Improved visibility into orchestration environments. Various other fixes and changes.
tags | exploit, tool
systems | unix
SHA-256 | 331330d5bf719e68ed493325ff1d78d19e4981aa1e8c4f210e1739dd45f32651
© 2022 Packet Storm. All rights reserved.