Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-11-24

Debian Security Advisory 3723-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
MD5 | 41b2db800799c9e0b3ed07575dd8bda8
Debian Security Advisory 3724-1
Posted Nov 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3724-1 - Chris Evans discovered that the GStreamer 0.10 plugin used to decode files in the FLIC format allowed execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636
MD5 | 7ed822789560e98d9da03a45c84ff9a9
WordPress Image Gallery 1.9.65 Cross Site Scripting
Posted Nov 24, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0348155d964562c5432c19dd743820e2
Ubuntu Security Notice USN-3137-1
Posted Nov 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3137-1 - It was discovered that MoinMoin did not properly sanitize certain inputs, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2016-7146, CVE-2016-7148, CVE-2016-9119
MD5 | 39e0c8b5e9eb6b9021551128abbbd9c6
Ubuntu Security Notice USN-3136-1
Posted Nov 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3136-1 - Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-8649
MD5 | 1a876aed0a9b212ff6c0b1214c2a8d42
Docker 1.11.2 Forged VXLAN Packet Service Detection
Posted Nov 24, 2016
Authored by Francesco Tornieri

Docker versions 1.11.2 and below suffer from an issue where a forged VXLAN packet can be leveraged to scan services that are not exposed.

tags | exploit
MD5 | 3edaf1d6e16dbbc9e2f5a098e54e62bd
GNU Wget Access List Bypass / Race Condition
Posted Nov 24, 2016
Authored by Dawid Golunski

GNU wget versions 1.17 and earlier, when used in mirroring/recursive mode, are affected by a race condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions specified with the -A parameter. This might allow attackers to place malicious/restricted files onto the system. Depending on the application / download directory, this could potentially lead to other vulnerabilities such as code execution, etc.

tags | exploit, remote, vulnerability, code execution, bypass
advisories | CVE-2016-7098
MD5 | 3a7f82b9aec2e988d5b1a8143090c82b
HP Security Bulletin HPSBHF03673 1
Posted Nov 24, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03673 1 - Security vulnerabilities in MD5 message digest algorithm and RC4 ciphersuite could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. These vulnerabilities could be exploited remotely to conduct spoofing attacks and plaintext recovery attacks resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory, spoof, vulnerability
advisories | CVE-2004-2761, CVE-2013-2566, CVE-2015-2808
MD5 | 274750d1408fd79a1bcf6394e3ad6046
Red Hat JBoss EAP 5.2.x Untrusted Data Deserialization
Posted Nov 24, 2016
Authored by Maurizio Agazzini, Federico Dotta

JBoss EAP's JMX Invoker Servlet is exposed by default on port 8080/TCP. The communication employs serialized Java objects, encapsulated in HTTP requests and responses. The server deserializes these objects without checking the object type. This behavior can be exploited to cause a denial of service and potentially execute arbitrary code.

tags | exploit, java, web, denial of service, arbitrary, tcp
advisories | CVE-2016-7065
MD5 | eaea199662dd8fa71b42b12d170d351d
EASY HOME Alarmanlagen-Set MAS-S01-09 Cryptographic Issues
Posted Nov 24, 2016
Authored by Gerhard Klostermeier

SySS GmbH found out that the 125 kHz RFID technology used by the EASY HOME MAS-S01-09 wireless alarm system has no protection by means of authentication against rogue/cloned RFID tokens. The information stored on the used RFID tokens can be read easily in a very short time from distances up to 1 meter, depending on the used RFID reader. A working cloned RFID token is ready for use within a couple of seconds using freely available tools.

tags | advisory
MD5 | 1e8305e16302deb63edb52838d0c7462
Blaupunkt Smart GSM Alarm SA 2500 Kit 1.0 Replay Attacks
Posted Nov 24, 2016
Authored by Matthias Deeg

Due to an insecure implementation of the used 868 MHz radio communication, the wireless alarm system Blaupunkt Smart GSM Alarm SA 2500 Kit is vulnerable to replay attacks.

tags | advisory
MD5 | eed744c98c76ab47d78d565ccfbc9dce
M2B GSM Wireless Alarm System Replay Attacks
Posted Nov 24, 2016
Authored by Gerhard Klostermeier

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to replay attacks.

tags | advisory
MD5 | a3a3c861fb87e50b2b55f27ad648bf87
M2B GSM Wireless Alarm System Brute Force Issue
Posted Nov 24, 2016
Authored by Gerhard Klostermeier

Due to an insecure implementation of the used 433 MHz radio communication, the wireless alarm system M2B GSM is vulnerable to brute-force attacks.

tags | advisory
MD5 | 986c6dfe8cf2a30966c91003e6ec3f37
VMware Security Advisory 2016-0022
Posted Nov 24, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0022 - VMware vCenter Server, vSphere Client, and vRealize Automation updates address information disclosure vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2016-7458, CVE-2016-7459, CVE-2016-7460
MD5 | 476130603dba190123ac984ecc43f84c
UCanCode Remote Code Execution / Denial Of Service
Posted Nov 24, 2016
Authored by shinnai

UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks.

tags | exploit, remote, denial of service, vulnerability, code execution, activex
MD5 | a65bb98b56e177de39cb68a5ca7eaebb
VMware Security Advisory 2016-0021
Posted Nov 24, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0021 - VMware product updates address partial information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2016-5334
MD5 | 2bc5a26c205bfce3254bf00a5eca524b
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close