Files Date: 2016-10-31

Red Hat Security Advisory 2016-2131-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2131-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb55-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-8283
MD5 | 743f9b06c8508c8cda9a927f0ac89692
Red Hat Security Advisory 2016-2130-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2130-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: mysql55-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5617, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-8283
MD5 | 4639bae393bae65ad49bb4ab9634a3d4
Red Hat Security Advisory 2016-2128-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2128-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrary memory block. An attacker could use this flaw to trigger a use-after-free condition on the system, potentially allowing for privilege escalation.

tags | advisory, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4470, CVE-2016-5195
MD5 | fb99ecab5d659bd43730c6df818651e2
Red Hat Security Advisory 2016-2127-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2127-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 175155c18e9b6f574eeecbff9a379989
Red Hat Security Advisory 2016-2126-01
Posted Oct 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-5195
MD5 | 9acd7fac3959493a5fb5551f0cf58b09
Crowd LDAP Java Object Injection
Posted Oct 31, 2016
Authored by David Black

This advisory discloses a critical severity security vulnerability which was introduced in version 1.4.1 of Crowd. Versions of Crowd starting with 1.4.1 before 2.8.8 (the fixed version for 2.8.x) and from 2.9.0 before 2.9.5 (the fixed version for 2.9.x) are affected by this vulnerability. The Crowd LDAP directory connector allowed an attacker to gain remote code execution in Crowd by injecting malicious attributes in LDAP entries.

tags | advisory, remote, code execution
advisories | CVE-2016-6496
MD5 | 1d8d3c4d540edd6f9547a738f73e107d
S9Y Serendipity 2.0.4 Cross Site Scripting
Posted Oct 31, 2016
Authored by Besim

S9Y Serendipity version 2.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 806ca5860014f687a91b24fd7a401c60
Micro Focus Rumba 9.3 Active-X Stack Buffer Overflow
Posted Oct 31, 2016
Authored by Umit Aksu

Micro Focus Rumba versions 9.3 and below suffer from an active-x stack buffer overflow vulnerability.

tags | exploit, overflow, activex
advisories | CVE-2016-5228
MD5 | 9e3234252e3ab198ce4f3fe1a12462a0
Micro Focus Rumba FTP Client 4.x Stack Overflow
Posted Oct 31, 2016
Authored by Umit Aksu

Micro Focus Rumba FTP client version 4.x stack overflow SEH exploit.

tags | exploit, overflow
advisories | CVE-2016-5764
MD5 | 411fa31d391367845eceb2a82e8f101d
Adobe Flash Rastering Overflow
Posted Oct 31, 2016
Authored by Google Security Research, natashenka

The included fuzz test case demonstrates an overflow in rastering for Adobe Flash.

tags | exploit, overflow
MD5 | ac6e28821e290cd837a184b32787b6e7
Micro Focus Rumba 9.3 Stack Overflow
Posted Oct 31, 2016
Authored by Umit Aksu

Micro Focus Rumba versions 9.3 and below suffer from a stack overflow vulnerability.

tags | exploit, overflow
MD5 | f076f16277a0c09870e538c094607d92
D-Link DIR-300NRUB5 Firmware 1.2.94 Cross Site Request Forgery
Posted Oct 31, 2016
Authored by MustLive

D-Link DIR-300NRUB5 with firmware version 1.2.94 suffers from brute force and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 505c2c3e0b2c535a06674e04ba8b2764
ASP Gateway 1.0.0 Database Disclosure
Posted Oct 31, 2016
Authored by indoushka

ASP Gateway 1.0.0 suffers from a database disclosure vulnerability.

tags | exploit, asp, info disclosure
MD5 | 77c6b85e907011a63bde9b54324dac6e
Angelo Emlak Scripti 1.0 Database Disclosure
Posted Oct 31, 2016
Authored by indoushka

Angelo Emlak Scripti version 1.0 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 88f09dd414e45c9254be17a7d72577ac
FreeFTPd 1.0.8 mkd Denial Of Service
Posted Oct 31, 2016
Authored by Greg Priest

FreeFTPd version 1.0.8 suffers from a denial of service vulnerability in the mkd command.

tags | exploit, denial of service
MD5 | f4896135a9a498ecb5ab3fcb842a459a

© 2018 Packet Storm. All rights reserved.
