exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2016-12-22

Red Hat Security Advisory 2016-2994-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2994-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2016-9579
SHA-256 | 092a4667d4e41b5a2490a5b67b5a653174210a7906cb45471c348e50d14ff43d
Red Hat Security Advisory 2016-2995-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2995-01 - Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix: A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-crafted cross-origin HTTP request.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2016-9579
SHA-256 | 9286c561a561d081acd703570e66d73ab1604692e3bd219adda20044de65df1a
Red Hat Security Advisory 2016-2998-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2998-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 6.2 will be retired as of December 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.2 AMC after December 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | ba35fd29d3de92186fa56a88b75ecd2c84a29b1999454998c1562599a697144e
Red Hat Security Advisory 2016-2996-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2996-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 will be retired as of March 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | 707f44af90efb38e6fa9002911b9926f3de3b5e321ad8cc07a39785c415da0f6
Red Hat Security Advisory 2016-2997-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2997-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 will be retired on March 31, 2017, at the end of Production Phase 3. Until that date, customers will continue to receive Critical impact security patches and selected Urgent priority bug fixes for RHEL 5.11. On that date, active support included with your RHEL Premium or Standard subscription will conclude. This means that customers will continue to have access to all previously released content.

tags | advisory
systems | linux, redhat
SHA-256 | 913dc5b3d98e7cafe9e71fcada7961d338d4ca68cdddd17c2653cbe510b9e115
Red Hat Security Advisory 2016-2991-01
Posted Dec 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2991-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2015-5162
SHA-256 | ebc3c8210118437f15107c351ab4d593725196be311a46313bfb14685e29f2ea
Falco 0.5.0
Posted Dec 22, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added cache event formatting objects so they are not re-created for every falco notification. Falco notifications are now throttled by a token bucket, preventing a flood of notifications when many events match a rule. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | b7ee1b90503e4e7f1d936621e4b6b378ed31da31d816f2421ce08d886ade7835
Vesta Control Panel 0.9.8-16 Local Privilege Escalation
Posted Dec 22, 2016
Authored by Jaka Hudoklin

Vesta Control Panel versions 0.9.7 through 0.9.8-16 suffer from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 92b3241e8441af834584c0d465c45d6ae5c0868954554b3b59ef1a096edb42da
Google Chrome Privilege Escalation
Posted Dec 22, 2016
Authored by Jann Horn, Google Security Research

Google Chrome suffers from a renderer->extension privilege escalation vulnerability via sync.

tags | advisory
SHA-256 | 975a584a1d4bcfdd7917a895628174c41f71e744dce4abe0833a8037067a9675
IBM AIX 6.1 / 7.1 / 7.2 Bellmail Privilege Escalation
Posted Dec 22, 2016
Authored by Hector X. Monsegur

IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability.

tags | exploit
systems | aix
advisories | CVE-2016-8972
SHA-256 | 577087b11048468d456a5ce063092a8f85bcb6d7399a0d04a31068c2aecaf02a
Mac OS IOKit Registry Code Execution
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

Mac OS suffers from a kernel code execution vulnerability due to writable privileged IOKit registry properties.

tags | exploit, kernel, registry, code execution
advisories | CVE-2016-7617
SHA-256 | a68b5ccbfb9fc13755fd889600a87bb8e5605b88270d85bc52f265ebd895419a
Microsoft Edge Internationalization Type Confusion
Posted Dec 22, 2016
Authored by Google Security Research, natashenka

Microsoft Edge suffers from a type confusion vulnerability in internationalization initialization.

tags | exploit
advisories | CVE-2016-7287
SHA-256 | 0be320830419d4d413759485f8f9434390d748bbadbe6240c606e8d40c43b5f1
Mac OS / iOS syslogd Arbitrary Port Replacement
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

syslogd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7660
SHA-256 | 99a94dcd03523d376a072610f043b1209de8f254832968af4d257e80e30721f3
Android WifiNative::setHotlist Stack Overflow
Posted Dec 22, 2016
Authored by Google Security Research, Mark Brand

Android suffers from a stack overflow vulnerability in WifiNative::setHotlist.

tags | exploit, overflow
advisories | CVE-2016-6772
SHA-256 | cd3a91f7963d6333306d556e62ac5339d4d9c7785ac58b5b1dbe108c918528b9
Microsoft Edge SIMD.toLocaleString Uninitialized Memory
Posted Dec 22, 2016
Authored by Google Security Research, natashenka

Microsoft Edge suffers from an uninitialized memory vulnerability in SIMD.toLocaleString.

tags | exploit
advisories | CVE-2016-7286
SHA-256 | 643bb73906252ab5624064b3341377969b656d9e7c0942f2729b87dab962bac4
Mac OS / iOS powerd Arbitrary Port Replacement
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

powerd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.

tags | exploit, arbitrary
systems | cisco, ios
advisories | CVE-2016-7661
SHA-256 | 3e5a21bc29ff1a558770231e308bd600e6410b4a304e2859b2163f3dd2cd5cdf
MacOS Sierra 10.12 16A323 Double vm_deallocate Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.

tags | exploit
advisories | CVE-2016-7633
SHA-256 | 58a7ed2e19c9a5fce731f15aa8b83ace30921a87bf6431e44964fdb9a6e2d1d9
Mac OS X / iOS Missing Error Check Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

A lack of error checking leads to a reference count leak and OS X / iOS kernel use-after-free vulnerability in _kernelrpc_mach_port_insert_right_trap.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7621
SHA-256 | cac9c1a81d04f178479bf07a83852204325d3d8036f55cdb5e9e23a10b46cb54
Mac OS / iOS Privileged Port Name Replacement
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

A broken kernel mach port name uref handling on iOS and Mac OS can lead to privileged port name replacement in other processes.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7637
SHA-256 | ec46204069f275edad54bb9993ef3883c9de93719d666d76af2753a535b88de9
at(1) Persistence Module
Posted Dec 22, 2016
Authored by Jon Hart | Site metasploit.com

This Metasploit module achieves persistence by executing payloads via at(1).

tags | exploit
SHA-256 | eec5ec5ef01a82dae2c5cd893e51333a0196cb32b3048342445a1aa8c944a00f
Mac OS X / iOS ipc_port_t Reference Count Leak / Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, Ian Beer

There is an ipc_port_t reference count leak due to incorrect externalMethod overrides that lead to a Mac OS X / iOS kernel use-after-free vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7612
SHA-256 | 67d8687d9545ab1a2ccd1bda5d239a1cd88fcab8e19837adaef0762100aedf39
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close