exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-11-24

Debian Security Advisory 3723-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
SHA-256 | 1d94de5f108a641a7b5e9dbc3bb7d8da7246df577309dc403eabaf566072824b
Debian Security Advisory 3724-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3724-1 - Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
SHA-256 | 8ff0cf57f3b3288f0d4eeb96051a5dfc1fb32ac32bbcb923eced76c5d2f39456
WordPress Image Gallery 1.9.65 Cross Site Scripting
Posted Nov 24, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0bb0d94ef5393df1da4ec3d3dd81c9738261921d4c15cfd9d9d4d0d680c19feb
Ubuntu Security Notice USN-3137-1
Posted Nov 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3137-1 - It was discovered that MoinMoin did not properly sanitize certain inputs, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2016-7146, CVE-2016-7148, CVE-2016-9119
SHA-256 | 5dc21582c4e5438359f7e9cbf7f3f1a05d7d569e8fb102ddc0de309ed17acf4c
Ubuntu Security Notice USN-3136-1
Posted Nov 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3136-1 - Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-8649
SHA-256 | fa5f78b6a71df95c1a351871bfca0a6692f9f30f599849d1fa869ef3197ddce9
Docker 1.11.2 Forged VXLAN Packet Service Detection
Posted Nov 24, 2016
Authored by Francesco Tornieri

Docker versions 1.11.2 and below suffer from an issue where a forged VXLAN packet can be leveraged to scan services that are not exposed.

tags | exploit
SHA-256 | a4e4a57ace4ef27819179237d6afd95b851a2dcb97baf0583bc8133f4f80246a
GNU Wget Access List Bypass / Race Condition
Posted Nov 24, 2016
Authored by Dawid Golunski

GNU wget versions 1.17 and earlier, when used in mirroring/recursive mode, are affected by a race condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions specified with the -A parameter. This might allow attackers to place malicious/restricted files onto the system. Depending on the application / download directory, this could potentially lead to other vulnerabilities such as code execution, etc.

tags | exploit, remote, vulnerability, code execution, bypass
advisories | CVE-2016-7098
SHA-256 | c9c7cf1f94f2e1d07833e7d43576bff9a1066ace4df75ff0824c5188b1e5e8fe
HP Security Bulletin HPSBHF03673 1
Posted Nov 24, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03673 1 - Security vulnerabilities in MD5 message digest algorithm and RC4 ciphersuite could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. These vulnerabilities could be exploited remotely to conduct spoofing attacks and plaintext recovery attacks resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory, spoof, vulnerability
advisories | CVE-2004-2761, CVE-2013-2566, CVE-2015-2808
SHA-256 | 602636acd9eb352dc892bc1bded1cab28642c3e6645b73e0d9f61fe6df4d7dd2
Red Hat JBoss EAP 5.2.x Untrusted Data Deserialization
Posted Nov 24, 2016
Authored by Maurizio Agazzini, Federico Dotta

JBoss EAP's JMX Invoker Servlet is exposed by default on port 8080/TCP. The communication employs serialized Java objects, encapsulated in HTTP requests and responses. The server deserializes these objects without checking the object type. This behavior can be exploited to cause a denial of service and potentially execute arbitrary code.

tags | exploit, java, web, denial of service, arbitrary, tcp
advisories | CVE-2016-7065
SHA-256 | 1402dee1010d43d2904c61bd152231b878698f6ba49611de5845ac70f3bc4052
EASY HOME Alarmanlagen-Set MAS-S01-09 Cryptographic Issues
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

SySS GmbH found out that the 125 kHz RFID technology used by the EASY HOME MAS-S01-09 wireless alarm system has no protection by means of authentication against rogue/cloned RFID tokens. The information stored on the used RFID tokens can be read easily in a very short time from distances up to 1 meter, depending on the used RFID reader. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.

tags | advisory
SHA-256 | f2b5958d04f9bcacb801da8a3f95c98a49142000d47cd1feadd0ebc033c088f0
Blaupunkt Smart GSM Alarm SA 2500 Kit 1.0 Replay Attacks
Posted Nov 24, 2016
Authored by Matthias Deeg | Site syss.de

Due to an insecure implementation of the used 868 MHz radio communication, the wireless alarm system Blaupunkt Smart GSM Alarm SA 2500 Kit is vulnerable to replay attacks.

tags | advisory
SHA-256 | 4a74349e30018d4eadb03382d40421e1c607aee428fa11c9c661fca820e654b2
M2B GSM Wireless Alarm System Replay Attacks
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to replay attacks.

tags | advisory
SHA-256 | b19e73ae566f67141fff01b385e124ffe916d02b99d2f4b1eb6581a9331a10b9
M2B GSM Wireless Alarm System Brute Force Issue
Posted Nov 24, 2016
Authored by Gerhard Klostermeier | Site syss.de

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to brute-force attacks.

tags | advisory
SHA-256 | a33d718d22481da6180fc9af25a09eb7609ae79013ec68a0eb5bd6fddea35071
VMware Security Advisory 2016-0022
Posted Nov 24, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0022 - VMware vCenter Server, vSphere Client, and vRealize Automation updates address information disclosure vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2016-7458, CVE-2016-7459, CVE-2016-7460
SHA-256 | 2eb92731937c7a5f68f3b95bc7e5f57ed0efd31f7f258f98f7bf28685a4a7363
UCanCode Remote Code Execution / Denial Of Service
Posted Nov 24, 2016
Authored by shinnai

UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks.

tags | exploit, remote, denial of service, vulnerability, code execution, activex
SHA-256 | ab4bfbe01de8884e92fde956506ce90ff8b75920f8923dace877792e43cd3b3b
VMware Security Advisory 2016-0021
Posted Nov 24, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0021 - VMware product updates address partial information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2016-5334
SHA-256 | d9372685bd6c303cf6ae449efe2efe58514a7dbbadea4f0e2ab2d3978136abf0
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close