Files Date: 2017-01-25

WordPress InfiniteWP Client 1.5.1.3 / 1.6.0 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress InfiniteWP Client plugin versions 1.5.1.3 and 1.6.0 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 46b274061e0acc0178360b285063f6b1
EMC Isilon OneFS Privilege Escalation
Posted Jan 25, 2017
Site emc.com

EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. Various versions of the 7.x.x.x releases are affected.

tags | advisory
advisories | CVE-2016-9871
MD5 | e667ced2224e97d4bc7c29d00c863473
WordPress CMS Commander Client 2.21 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress CMS Commander Client plugin version 2.21 suffers from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 9a7027555b61d92952f9550a552cf56f
WordPress Google Forms 0.87 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Forms plugin versions 0.8 through 0.87 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 4808b37b794d5488075cea57599da9e2
OpenCart 2.3.0.2 Cross Site Request Forgery
Posted Jan 25, 2017

OpenCart version 2.3.0.2 suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | eb474e9107cd056b386ae5b810b14eda
Gentoo Linux Security Advisory 201701-65
Posted Jan 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-65 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.121 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3260, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289
MD5 | 02e023b883e373a3bf1d31ee813fd1ae
Gentoo Linux Security Advisory 201701-64
Posted Jan 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-64 - Multiple vulnerabilities have been found in X.Org X Server, the worst of which may allow authenticated attackers to read from or send information to arbitrary X11 clients. Versions less than 1.18.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6424, CVE-2015-3164, CVE-2015-3418
MD5 | 64d752296eeef5e5435d05f74f6fab8e
Red Hat Security Advisory 2017-0191-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0191-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.

tags | advisory
systems | linux, redhat
MD5 | 33887b0e2915cdb9e7edd05a5c1428b6
Red Hat Security Advisory 2017-0192-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0192-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.

tags | advisory
systems | linux, redhat
MD5 | b2d35c67ecc875462cc0401fce2de280
Red Hat Security Advisory 2017-0190-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0190-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.7.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396
MD5 | 165044ce69b894d5aa649a4ef01e9fa0
HP Security Bulletin HPSBST03642 3
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3566, CVE-2016-0705
MD5 | 2a7fc4c484132a88fb19a3bff6be7eaa
HP Security Bulletin HPSBHF03695 1
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03695 1 - A security vulnerability with the Ethernet Non-Volatile Flash Memory (NVM) image in Intel Forteville-based adapters has been addressed by certain HPE Ethernet Adaptors. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-8106
MD5 | d5351baa60822d038b62fa6700179fab
Ubuntu Security Notice USN-3179-1
Posted Jan 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3179-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. It was discovered that OpenJDK accepted ECDSA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289
MD5 | 05bd35309151940a3d3bf97cb00f1258
Red Hat Security Advisory 2017-0194-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0194-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-2108, CVE-2016-2177, CVE-2016-2178, CVE-2016-4459, CVE-2016-6808, CVE-2016-8612
MD5 | 975da83bd9aca9cb9a5340cea42e0844
Red Hat Security Advisory 2017-0193-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0193-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-2108, CVE-2016-2177, CVE-2016-2178, CVE-2016-4459, CVE-2016-6808, CVE-2016-8612
MD5 | 053512a40c8824ef00912d4a3a6321c1
HP Security Bulletin HPSBHF03441 2
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03441 2 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3, HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities are remotely exploitable. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-4375
MD5 | 9b68eecfa3566190ba2cb263b99d3322
WD My Cloud Mirror 2.11.153 Remote Command Execution / Authentication Bypass
Posted Jan 25, 2017
Authored by Kacper Szurek

WD My Cloud Mirror version 2.11.153 suffers from remote command execution and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, bypass
MD5 | 3a03bededda8df40bf30974851a7f210
An Overview Of Some Popular Network Anonymity Systems
Posted Jan 25, 2017
Authored by James Fell

This essay takes a look at a selection of network anonymity systems including VPNs, Tor, Freenet and I2P. The different systems are explained and then compared and contrasted with each other. A number of issues are considered for each system including ease of use, popularity, strength of anonymity provided, and potential attacks on the system.

tags | paper
MD5 | edf4b50c5f22ff22e631de9cd3c9e745
Apple Security Advisory 2017-01-23-7
Posted Jan 25, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-7 - iTunes for Windows 12.5.5 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple
advisories | CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2366
MD5 | f57789b6c84897bc855b33dca4b22e27
packet storm

© 2016 Packet Storm. All rights reserved.