Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2016-11-03

Axessh 4.2.2 Denial Of Service
Posted Nov 3, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Axessh version 4.2.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | b8f4945fe17d256ef20900c2ceba2273
WinaXe 7.7 Buffer Overflow
Posted Nov 3, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WinaXe version 7.l7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 5948c2e4e1ffa3e1767ca91517eef77f
Spark 2.5 Arbitrary File Read
Posted Nov 3, 2016
Authored by aj

Spark version 2.5 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
MD5 | 7c1e6afdf6e5a35dc790910fef729a9d
Memcached 1.4.33 Proof Of Concept
Posted Nov 3, 2016
Authored by dawu, p0wd3r

These are three memcached version 1.4.33 proof of concept exploits.

tags | exploit, proof of concept
advisories | CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
MD5 | f20d5fea3aa6c8e990bb1dbdfe3080fd
PCMan FTP Server 2.0 ACCT Buffer Overflow
Posted Nov 3, 2016
Authored by cybernetic

PCMan FTP server version 2.0 ACCT command buffer overflow exploit.

tags | exploit, overflow
MD5 | 15ad49433fd268f53b9d1e537e284fad
ETchat 3.7 Cross Site Request Forgery
Posted Nov 3, 2016
Authored by Hesam Bazvand

ETchat version 3.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | cc524af61c5919addfcc487350ca6a5e
SweetRice 1.5.1 File Upload
Posted Nov 3, 2016
Authored by Ehsan Hosseini

SweetRice version 1.5.1 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 2a6f7eb53a61263e6d355594fb03699a
Red Hat Security Advisory 2016-2587-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2587-02 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client.

tags | advisory, web, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-4971
MD5 | b271d0234cefc91cba7baceca9b24e57
Red Hat Security Advisory 2016-2586-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2586-02 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution, python
systems | linux, redhat
advisories | CVE-2016-5636
MD5 | 6a7880c1413ad2ea73746f9f5fd7fe89
Red Hat Security Advisory 2016-2585-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2585-02 - Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2016-1981, CVE-2016-3712
MD5 | 9d2454ec2da873e1594651d931995698
Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
MD5 | 9cd6ca4a3ba80601297dc4773a1728cf
Red Hat Security Advisory 2016-2583-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2583-02 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-5219, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7852, CVE-2015-7974, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8158
MD5 | c60ed0a8153b4cc5c07956127649f45c
Red Hat Security Advisory 2016-2582-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2582-02 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix: Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality.

tags | advisory, kernel, python
systems | linux, redhat
advisories | CVE-2015-8803, CVE-2015-8804, CVE-2015-8805, CVE-2016-6489
MD5 | b904965b4165784bbe76c8baa6406604
Red Hat Security Advisory 2016-2581-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2581-02 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a newer upstream version: NetworkManager, NetworkManager-libreswan, network-manager-applet, libnl3.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-0764
MD5 | 8c3177274dcdafda9ab0225692947033
Red Hat Security Advisory 2016-2580-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2580-02 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler to crash or, potentially, execute arbitrary code when opened.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8868
MD5 | 6bea11db07d894bb271ffefc0d92e022
Red Hat Security Advisory 2016-2579-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2579-02 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. The following packages have been upgraded to a newer upstream version: libreoffice. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-0794, CVE-2016-0795
MD5 | 297b07377a36051c859f2aadef32a3ed
Red Hat Security Advisory 2016-2578-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2578-02 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. The following packages have been upgraded to a newer upstream version: pacemaker. Security Fix: It was found that the connection between a pacemaker cluster and a pacemaker_remote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2016-7797
MD5 | 1e0def9a544f031ea9ce08f769a0fe7e
Red Hat Security Advisory 2016-2577-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2577-02 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5160, CVE-2015-5313, CVE-2016-5008
MD5 | 27432e2a794e6c05e41ca59659cc9c77
Red Hat Security Advisory 2016-2576-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2576-02 - The libguestfs packages contain a library, which is used for accessing and modifying virtual machine disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs, virt-p2v. Security Fix: An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8869
MD5 | 94095eeaf631a447ef49fd886361beff
Red Hat Security Advisory 2016-2575-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2575-02 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the libcurl library did not prevent TLS session resumption when the client certificate had changed. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2016-5419, CVE-2016-5420, CVE-2016-7141
MD5 | 72fe7633c44c715d71056156ed47d194
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
MD5 | 2324e71508a4e3597cc2c4131fd838dc
Intel(R) HD Graphics 10.18.10.4358 Privilege Escalation
Posted Nov 3, 2016
Authored by ZwX

Intel(R) HD Graphics version 10.18.10.4358 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
MD5 | 2e1ebed9e6887509e65012df6e1123a5
SweetRice 1.5.1 Code Execution
Posted Nov 3, 2016
Authored by Ashiyane Digital Security Team

SweetRice version 1.5.1 suffers from a code execution vulnerability via the use of a cross site request forgery flaw.

tags | exploit, code execution, csrf
MD5 | 9ddfa29d98fc9ecee3a49ca6de7307ac
Red Hat Security Advisory 2016-2573-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2573-02 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.

tags | advisory, overflow, code execution
systems | linux, redhat, osx
advisories | CVE-2016-3075
MD5 | a6f6d5517d89fb0a51eaeb83b0408e75
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close