
Files Date: 2016-12-08

Gentoo Linux Security Advisory 201612-24
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-24 - Multiple vulnerabilities were found in Binutils, the worst of which may allow execution of arbitrary code. Versions less than 2.25 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8484, CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738
MD5 | 93953dddf5cd4f67e79c74e3fd73ca05
Gentoo Linux Security Advisory 201612-23
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-23 - Multiple vulnerabilities have been found in socat, the worst of which may allow execution of arbitrary code. Versions less than 1.7.3.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
MD5 | 0bdf5fcb070090534ceb5bc78644793c
Gentoo Linux Security Advisory 201612-22
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-22 - A vulnerability in Coreutils could lead to the execution of arbitrary code or a Denial of Service condition. Versions less than 8.23 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9471
MD5 | 4a6a975b18282b10d0eab8675bc01196
Gentoo Linux Security Advisory 201612-21
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-21 - Multiple vulnerabilities were found in SQLite, the worst of which may allow execution of arbitrary code. Versions less than 3.11.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
MD5 | 0311238f35b6ba2480a5be6019a0accc
Gentoo Linux Security Advisory 201612-20
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-20 - A buffer overflow in jq might allow remote attackers to execute arbitrary code. Versions less than 1.5-r2 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
MD5 | 7e1c9ca485946f9637fcec1f968b1e66
HP Security Bulletin HPSBHF03674 1
Posted Dec 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03674 1 - A potential security vulnerability in the DES/3DES block ciphers could potentially impact HPE Comware 5 and Comware 7 network products using SSL/TLS. This vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-2183
MD5 | a8b666f3b99e7d2e30ee546d4181919d
Red Hat Security Advisory 2016-2938-01
Posted Dec 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2938-01 - This release of Red Hat JBoss BRMS 6.3.4 serves as a replacement for Red Hat JBoss BRMS 6.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-7041
MD5 | 02dd71ccd32ff8d79ea86b8f0c88b588
Red Hat Security Advisory 2016-2937-01
Posted Dec 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2937-01 - This release of Red Hat JBoss BPM Suite 6.3.4 serves as a replacement for Red Hat JBoss BPM Suite 6.3.3, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: Drools Workbench contains a path traversal vulnerability. The vulnerability allows a remote, authenticated attacker to bypass the directory restrictions and retrieve arbitrary files from the affected host.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-7041
MD5 | aa83f6c80c2fba6988542bfa850348d4
Red Hat Security Advisory 2016-2927-01
Posted Dec 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2927-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-3492, CVE-2016-5612, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-5630, CVE-2016-6662, CVE-2016-6663, CVE-2016-8283
MD5 | 102a51eb5bc00a8148e7a4dbd499ac9a
Red Hat Security Advisory 2016-2928-01
Posted Dec 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2928-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb101-mariadb. Security Fix: It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-3492, CVE-2016-5616, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-8283
MD5 | 0563edb6c98cbf79f71ed3b6d5b13815
Gentoo Linux Security Advisory 201612-26
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-26 - Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow execution of arbitrary code. Versions less than 2.1.1_p20160922 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8871, CVE-2016-1923, CVE-2016-1924, CVE-2016-3181, CVE-2016-3182, CVE-2016-3183, CVE-2016-7445
MD5 | ee4f0a7dfcfcef07d41d554cd21fd1eb
Gentoo Linux Security Advisory 201612-25
Posted Dec 8, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-25 - A vulnerability in CrackLib could lead to the execution of arbitrary code. Versions less than 2.9.6-r1 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2016-6318
MD5 | 22561e341b4cf1cd45426a35e47da48b
Ubuntu Security Notice USN-3154-1
Posted Dec 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3154-1 - It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. An attacker could use this to bypass Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java
systems | linux, ubuntu
advisories | CVE-2016-5542, CVE-2016-5554, CVE-2016-5573, CVE-2016-5582, CVE-2016-5597
MD5 | 8468542d1cd6fb82c2801b0fb8b97268
TOR Virtual Network Tunneling Tool 0.2.8.11
Posted Dec 8, 2016
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.8.11 backports fixes for additional portability issues that could prevent Tor from building correctly on OSX Sierra, or with OpenSSL 1.1. Affected users should upgrade; others can safely stay with 0.2.8.10.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 53feaecb15be43b09b06ff0a23252e0d
GNU Transport Layer Security Library 3.4.17
Posted Dec 8, 2016
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Various updates.
tags | protocol, library
MD5 | 03ea7575a43f58964635a5064cce4dc0
Asterisk Project Security Advisory - AST-2016-009
Posted Dec 8, 2016
Authored by Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content between a SIP header name and a colon character. Rather than following RFC 3261 and stripping only spaces and horizontal tabs, Asterisk treats any non-printable ASCII character as if it were whitespace.

tags | advisory
MD5 | 3eff38af2829992765d75d647b6b0698
Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution
Posted Dec 8, 2016
Authored by Filippo Cavallarin

Microsoft Remote Desktop Client for Mac version 8.0.36 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
MD5 | 336d81c17a6a5985da59e4a0d204dc5d
Microsoft Internet Explorer 9 MSHTML CDispNode::InsertSiblingNode Use-After-Free
Posted Dec 8, 2016
Authored by SkyLined

Microsoft Internet Explorer version 9 suffers from an MSHTML CDispNode::InsertSiblingNode use-after-free vulnerability.

tags | exploit
advisories | CVE-2013-1306
MD5 | 0c6508b950d0027d49193c7d52eebe71
Netgear R7000 Command Injection
Posted Dec 8, 2016
Authored by Acew0rm

Netgear R7000 suffers from a command injection vulnerability.

tags | exploit
MD5 | 1379a78a027d9591250dbd95fa139580
Windows x64 Bind Shell TCP Shellcode
Posted Dec 8, 2016
Authored by Roziul Hasan Khan Shifat

508 bytes small Windows x64 bind shell TCP shellcode.

tags | shell, tcp, shellcode
systems | windows
MD5 | 88daf8d528993fc1e0347b49202b3b2a
Teaching An Old Dog (Not That New) Tricks - Stego In TCP/IP Made Easy Part 1
Posted Dec 8, 2016
Authored by John Torakis

Whitepaper called Teaching an Old Dog (not that new) Tricks - Stego in TCP/IP made easy (part-1).

tags | paper, tcp
MD5 | 960ed71aa5f4b8c8ae9fbfcff0bbc475
Cisco Unified Communications Manager 7 / 8 / 9 Directory Traversal
Posted Dec 8, 2016
Authored by justpentest

A directory traversal vulnerability exists in the Cisco Unified Communications Manager administrative web interface. Versions 7.x, 8.x, and 9.x are all affected.

tags | exploit, web, file inclusion
systems | cisco
advisories | CVE-2013-5528
MD5 | 1dea56e178d46dc07ece08d0e95c4ddb
Red Hat Security Advisory 2016-2923-01
Posted Dec 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2923-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2015-5162
MD5 | 4fee9d05eb5a788ec9a8057ea3b6cf9c
Kernel Live Patch Security Notice LSN-0014-1
Posted Dec 8, 2016
Authored by Luis Henriques

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges. Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, tcp
systems | linux
advisories | CVE-2016-6480, CVE-2016-6828, CVE-2016-8655
MD5 | c654f261f98e8fb00d15ffa5185aa4a4
OpenSSH 7.2 Denial Of Service
Posted Dec 8, 2016
Authored by Kashinath T | Site secpod.com

Exploit for a crypt CPU consumption denial of service in OpenSSH versions 7.2 and below.

tags | exploit, denial of service
advisories | CVE-2016-6515
MD5 | 0a051cacab2762d1fb6cc71ecb210afc
© 2016 Packet Storm. All rights reserved.
