Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-12-14

Apple Security Advisory 2016-12-13-8
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-8 - Transporter 1.9.2 is now available and addresses an information disclosure vulnerability.

tags | advisory, info disclosure
systems | apple
advisories | CVE-2016-7666
MD5 | 23ccad4b9b6aa04d95e811eee7542ae5
Apple Security Advisory 2016-12-13-7
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-7 - This advisory provides additional information in regards to watchOS 3.1.1 fixes as originally documented in APPLE-SA-2016-12-12-2.

tags | advisory
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7606, CVE-2016-7607, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7636, CVE-2016-7637, CVE-2016-7643, CVE-2016-7644, CVE-2016-7651, CVE-2016-7657, CVE-2016-7658, CVE-2016-7659, CVE-2016-7660, CVE-2016-7662, CVE-2016-7663
MD5 | 801434c318d5692c02cfba2ec535db97
Apple Security Advisory 2016-12-13-4
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-4 - iCloud for Windows v6.1 is now available and addresses memory corruption, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | windows, apple
advisories | CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7614, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646, CVE-2016-7648, CVE-2016-7649, CVE-2016-7652, CVE-2016-7654, CVE-2016-7656
MD5 | c3775044392cb2111383c87036274938
Apple Security Advisory 2016-12-13-5
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-5 - This advisory provides additional information in regards to iOS 10.2 fixes as originally documented in APPLE-SA-2016-12-12-1.

tags | advisory
systems | cisco, apple, ios
advisories | CVE-2016-4688, CVE-2016-4689, CVE-2016-4690, CVE-2016-4691, CVE-2016-4692, CVE-2016-4693, CVE-2016-4743, CVE-2016-4781, CVE-2016-7586, CVE-2016-7587, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7592, CVE-2016-7594, CVE-2016-7595, CVE-2016-7597, CVE-2016-7598, CVE-2016-7599, CVE-2016-7601, CVE-2016-7606, CVE-2016-7607, CVE-2016-7610, CVE-2016-7611, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619
MD5 | 0ff43dc8c05f33f2486ac599a0834a1e
Apple Security Advisory 2016-12-13-6
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-6 - This advisory provides additional information in regards to tvOS 10.1 fixes as originally documented in APPLE-SA-2016-12-12-3.

tags | advisory
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4692, CVE-2016-4693, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7598, CVE-2016-7599, CVE-2016-7606, CVE-2016-7607, CVE-2016-7610, CVE-2016-7611, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7632, CVE-2016-7635, CVE-2016-7636
MD5 | 9219b5cf77b5db9584c646ca1151492d
Apple Security Advisory 2016-12-13-3
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-3 - iTunes 12.5.4 is now available and addresses memory corruption, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646, CVE-2016-7648, CVE-2016-7649, CVE-2016-7652, CVE-2016-7654, CVE-2016-7656
MD5 | f1e7caa87e91c96bc78f849efc74c7b1
Apple Security Advisory 2016-12-13-2
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-2 - Safari 10.0.2 is now available and addresses cross site scripting, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution, xss
systems | apple
advisories | CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7623, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646, CVE-2016-7648, CVE-2016-7649, CVE-2016-7650, CVE-2016-7652, CVE-2016-7654, CVE-2016-7656
MD5 | c2d99915672ff830d39bd9658d98db95
Apple Security Advisory 2016-12-13-1
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-1 - macOS 10.12.2 is now available and addresses arbitrary code execution, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2016-1777, CVE-2016-1823, CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-6303, CVE-2016-6304, CVE-2016-7141, CVE-2016-7167, CVE-2016-7411, CVE-2016-7412, CVE-2016-7413, CVE-2016-7414, CVE-2016-7416, CVE-2016-7417, CVE-2016-7418, CVE-2016-7588, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7596, CVE-2016-7600, CVE-2016-7602, CVE-2016-7603, CVE-2016-7604
MD5 | 43849fd460fd7f718d2448fb66786491
Ubuntu Security Notice USN-3155-1
Posted Dec 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3155-1 - Multiple security vulnerabilities were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting attacks, obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2016-9080, CVE-2016-9893, CVE-2016-9894, CVE-2016-9895, CVE-2016-9896, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9903, CVE-2016-9904
MD5 | b057b5a479dabb84401f9de6ac507f8f
Red Hat Security Advisory 2016-2945-01
Posted Dec 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2945-01 - Red Hat Single Sign-On 7.0 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This asynchronous patch is a security update for Red Hat Single Sign-On 7.0. Security Fix: It was found that Keycloak did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session. This could lead to information disclosure, or permit further possible attacks.

tags | advisory, web, info disclosure
systems | linux, redhat
advisories | CVE-2016-8609
MD5 | 405966b1e769858957473ffbd933d3f6
Ubuntu Security Notice USN-3156-1
Posted Dec 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3156-1 - Jann Horn discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-1252
MD5 | 12f721f79b076292d06b27ee85df8e2a
McAfee Virus Scan Enterprise For Linux Remote Code Execution
Posted Dec 14, 2016
Authored by Andrew Fasano

McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution, virus
systems | linux
advisories | CVE-2016-8016, CVE-2016-8017, CVE-2016-8018, CVE-2016-8019, CVE-2016-8020, CVE-2016-8021, CVE-2016-8022, CVE-2016-8023, CVE-2016-8024, CVE-2016-8025
MD5 | a0d282e0350b084cdb73392f67a1db25
Samsung Devices KNOX Extensions OTP TrustZone Trustlet Stack Buffer Overflow
Posted Dec 14, 2016
Authored by Google Security Research

As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are generated in a TrustZone application within the TEE (UID: fffffffff0000000000000000000001e), which can be communicated with using the "OTP" service, published by "otp_server". Many of the internal commands supported by the trustlet must either unwrap or wrap a token. They do so by calling the functions "otp_unwrap" and "otp_wrap", correspondingly. Both functions copy the internal token data to a local stack based buffer before attempting to wrap or unwrap it. However, this copy operation is performed using a length field supplied in the user's buffer (the length field's offset changes according to the calling code-path), which is not validated at all. This means an attacker can supply a length field larger than the stack based buffer, causing the user-controlled token data to overflow the stack buffer. There is no stack cookie mitigation in MobiCore trustlets. On the device I'm working on (SM-G925V), the "OTP" service can be accessed from any user, including from the SELinux context "untrusted_app". Successfully exploiting this vulnerability should allow a user to elevate privileges to the TrustZone TEE.

tags | exploit, overflow, local
MD5 | 7ca93e4b9e68b1ccea14faa98806c21a
apt Repository Signing Bypass
Posted Dec 14, 2016
Authored by Jann Horn, Google Security Research

apt suffers from a repository signing bypass via memory allocation failure.

tags | exploit
advisories | CVE-2016-1252
MD5 | 7fe09c2346b03237428e53e88de533f6
Microsoft Security Bulletin Revision Increment For December, 2016
Posted Dec 14, 2016
Site microsoft.com

This bulletin summary lists six bulletins that have undergone a major revision increment.

tags | advisory
MD5 | 38279da095a65c3cd10e0ce49412f2b0
Microsoft Security Bulletin Summary For December, 2016
Posted Dec 14, 2016
Site microsoft.com

This bulletin summary lists twelve released Microsoft security bulletins for December, 2016.

tags | advisory
MD5 | 060a66e5665205e6ce22ce18d12de8ef
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close