Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-11-16

Nginx Root Privilege Escalation
Posted Nov 16, 2016
Authored by Dawid Golunski

Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to escalate their privileges from nginx/web user (www-data) to root. The vulnerability could be easily exploited by attackers who have managed to compromise a web application hosted on Nginx server and gained access to www-data account as it would allow them to escalate their privileges further to root access and fully compromise the system. This is fixed in 1.6.2-5+deb8u3 package on Debian and 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS. UPDATE 2017/01/13 - nginx packages below version 1.10.2-r3 on Gentoo are also affected.

tags | exploit, web, local, root
systems | linux, debian, ubuntu
advisories | CVE-2016-1247
MD5 | a18720c4e6d5445fab2ac18439149c1f
HP Security Bulletin HPSBGN03676 1
Posted Nov 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03676 1 - A potential security vulnerability has been identified with HPE Helion OpenStack Glance image service. This vulnerability could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-8611
MD5 | 17c8032a499a91124842b080dd40926a
Red Hat Security Advisory 2016-2779-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2834, CVE-2016-5285, CVE-2016-8635
MD5 | 8cd3de67f016ea07b1bfbf7a73b94364
VMware Security Advisory 2016-0020
Posted Nov 16, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0020 - vRealize Operations REST API deserialization vulnerability vRealize Operations contains a deserialization vulnerability in its REST API implementation. This issue may result in a Denial of Service as it allows for writing of files with arbitrary content and moving existing files into certain folders. The name format of the destination files is predefined and their names cannot be chosen. Overwriting files is not feasible.

tags | advisory, denial of service, arbitrary
advisories | CVE-2016-7462
MD5 | 1f06521b93fa6beffee9a2bda065bce6
WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
Posted Nov 16, 2016
Authored by Yorick Koster

WordPress All In One WP Security and Firewall plugin versions 4.1.4 through 4.1.9 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f1fd96f6d916037091611e289d77d3c5
Red Hat Security Advisory 2016-2780-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2780-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9064, CVE-2016-9066
MD5 | 68d0aa7f1d8284261bacc2954d675591
Microsoft Internet Explorer 8 Javascript RegExpBase::FBadHeader Use-After-Free
Posted Nov 16, 2016
Authored by SkyLined

A specially crafted web-page can cause the Javascript engine of Microsoft Internet Explorer 8 to free memory used for a string. The code will keep a reference to the string and can be forced to reuse it when compiling a regular expression.

tags | exploit, web, javascript
advisories | CVE-2015-2482
MD5 | d8cfc6c827b0efeb64a9441bb0f92bf4
CS-Cart 4.3.10 Unauthenticated XXE Injection
Posted Nov 16, 2016
Authored by Ahmed Sultan

CS-Cart versions 4.3.10 and below suffer from an unauthenticated XML external entity (XXE) injection vulnerability.

tags | exploit
MD5 | 447b6e3834e4181c5d1a59af8d15434e
Windows x86 EXE Removal Shellcode
Posted Nov 16, 2016
Authored by Fugu

This is a standard meterpreter/windows/reverse_tcp_dns with a little bonus - it will remove the exe that it gets injected/compiled into. Warning: Do not run this from powershell.exe or any other system file exe, because there is a chance it will be erased forever. As is, no warranties.

tags | shellcode
systems | windows
MD5 | 15ff49c9d5537b1e12adba11755fed29
Red Hat Security Advisory 2016-2766-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-1583, CVE-2016-2143
MD5 | 2f0c89292b11b2495035d28c1db5ae5f
Red Hat Security Advisory 2016-2765-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2765-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI could be read by an anonymous user. This could lead to leakage of sensitive information. An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not.

tags | advisory, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2016-4992, CVE-2016-5405, CVE-2016-5416
MD5 | f1587fba80a48e889dc5b14abe273ca1
Red Hat Security Advisory 2016-2778-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2778-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: Ansible fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-8628
MD5 | 0ea44655d4d6ea9211c03158d97e0056
Red Hat Security Advisory 2016-2696-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2696-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform release 3.3.1.4. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8631
MD5 | 846b084a5f848cef97b29eeaf72ef273
HP Security Bulletin HPSBST03671 1
Posted Nov 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03671 1 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information. Revision 1 of this advisory.

tags | advisory, php
advisories | CVE-2016-5385
MD5 | 6d1b17e660ca5c8d469617d69e72907b
Cryptsetup 2:1.7.3-2 Root Initramfs Shell
Posted Nov 16, 2016
Authored by Hector Marco, Ismael Ripoll

A vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify or destroy the hard disc as well as set up the network to data. In cloud environments it is also possible to remotely exploit this vulnerability without having "physical access". Cryptsetup versions 2:1.7.3-2 and below are affected.

tags | advisory, shell, root
systems | linux
advisories | CVE-2016-4484
MD5 | 7c810b6c29e27d96a80e6a4b8a3f8d03
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    13 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close