what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-01-25

WordPress InfiniteWP Client 1.5.1.3 / 1.6.0 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress InfiniteWP Client plugin versions 1.5.1.3 and 1.6.0 suffer from a PHP object injection vulnerability.

tags | advisory, php
SHA-256 | 74ff5245b2d5c61d42d72ec48e5ef102ec8f33a14a671e780a71faac3de023c7
EMC Isilon OneFS Privilege Escalation
Posted Jan 25, 2017
Site emc.com

EMC Isilon OneFS is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system. Various versions of the 7.x.x.x releases are affected.

tags | advisory
advisories | CVE-2016-9871
SHA-256 | e90fe55e4ac1ce95d60fef53ca4d18d4e23e188f99c4a0a9d995592b077bef24
WordPress CMS Commander Client 2.21 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress CMS Command Client plugin version 2.21 suffer from a PHP object injection vulnerability.

tags | advisory, php
SHA-256 | 7625040df4e8cd693c4e1f946eb49f919e552143bf24eb14f8dfd937809d5dd3
WordPress Google Forms 0.87 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Forms plugin versions 0.8 through 0.87 suffer from a PHP object injection vulnerability.

tags | advisory, php
SHA-256 | ae94630680f1e42c5eeb8f1edcd5f27fe6bcea14d0a2979fd4b00f7a0817a4a2
OpenCart 2.3.0.2 Cross Site Request Forgery
Posted Jan 25, 2017

OpenCart version 2.3.0.2 suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
SHA-256 | 8e30f83b2ffe57959ff9f9854a4e605a27ee7efbc48ea1739cb3bedf09e55d23
Gentoo Linux Security Advisory 201701-65
Posted Jan 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-65 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, the worst of which may allow execution of arbitrary code Versions less than 1.8.0.121 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3260, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289
SHA-256 | 1d411c67045468f66d9be8f87af444135bfe4edb5ff40c3d978dceeda485b1e7
Gentoo Linux Security Advisory 201701-64
Posted Jan 25, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-64 - Multiple vulnerabilities have been found in X.Org X Server, the worst of which may allow authenticated attackers to read from or send information to arbitrary X11 clients. Versions less than 1.18.4 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6424, CVE-2015-3164, CVE-2015-3418
SHA-256 | 73e2e4f1303187d367e8f18e99cdc9c6afef497aaa8fe6fed6db24b7ecf4f370
Red Hat Security Advisory 2017-0191-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0191-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.

tags | advisory
systems | linux, redhat
SHA-256 | 5ef45ba4c4459be94e2c6736d80d19748c391b48f908d25e7ec5b81775e18389
Red Hat Security Advisory 2017-0192-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0192-01 - After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase.

tags | advisory
systems | linux, redhat
SHA-256 | f5a4a7baea0c8d806ae99d96ea51b8054ba30cb5ed3ac794f4ae47c8baa364eb
Red Hat Security Advisory 2017-0190-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0190-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.7.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396
SHA-256 | 92a75711d8c764d53700932ba5fa362465c3ba99f2a33e3f058ccf0ea605a3de
HP Security Bulletin HPSBST03642 3
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03642 3 - Security vulnerabilities in OpenSSL and OpenSSH were addressed in HPE StoreVirtual products using LeftHand OS. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information, additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in arbitrary code execution, unauthorized access, disclosure of information, or Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470, CVE-2014-3566, CVE-2016-0705
SHA-256 | 864bcff09d4a86c839035348112fa45614c1f5e5a95ea128a61d9122002eb2f1
HP Security Bulletin HPSBHF03695 1
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03695 1 - A security vulnerability with the Ethernet Non-Volatile Flash Memory (NVM) image in Intel Forteville-based adapters has been addressed by certain HPE Ethernet Adaptors. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-8106
SHA-256 | 2ef48a83b40449f8fbb254829043b60e5e679b066dd69b0e0d85eb8600f804a4
Ubuntu Security Notice USN-3179-1
Posted Jan 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3179-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. It was discovered that OpenJDK accepted ECSDA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289
SHA-256 | 6bda3d62c1c8c78bd4f6b0e8698e7c3cd70f29a93396246928e224431ea0e83f
Red Hat Security Advisory 2017-0194-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0194-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6 and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-2108, CVE-2016-2177, CVE-2016-2178, CVE-2016-4459, CVE-2016-6808, CVE-2016-8612
SHA-256 | 87174b8450d231a37911132f24e96b986faf624c7b0a9cba8fa385f524dd7b74
Red Hat Security Advisory 2017-0193-01
Posted Jan 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0193-01 - This release adds the new Apache HTTP Server 2.4.23 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.6, and includes bug fixes and enhancements.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-2108, CVE-2016-2177, CVE-2016-2178, CVE-2016-4459, CVE-2016-6808, CVE-2016-8612
SHA-256 | add426ec965f995c831f757bb8748e79a3bfb0db3b46802a9cf9ad5be73448c2
HP Security Bulletin HPSBHF03441 2
Posted Jan 25, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03441 2 - Potential security vulnerabilities have been identified in HPE Integrated Lights Out 3, HPE Integrated Lights Out 4, and Integrated Lights Out 4 mRCA. The vulnerabilities are remotely exploitable. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-4375
SHA-256 | 725dda88fc75de2dd666620311ad115afdaf41691da1310e0ffe965f13f3659d
WD My Cloud Mirror 2.11.153 Remote Command Execution / Authentication Bypass
Posted Jan 25, 2017
Authored by Kacper Szurek

WD My Cloud Mirror version 2.11.153 suffers from remote command execution and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, bypass
SHA-256 | b6e6e9435d35488c27f70634c1ba1c1a4fb0d74f1203dc7d4d19ef05043a7baf
An Overview Of Some Popular Network Anonymity Systems
Posted Jan 25, 2017
Authored by James Fell

This essay takes a look at a selection of network anonymity systems including VPNs, Tor, Freenet and I2P. The different systems are explained and then compared and contrasted with each other. A number of issues are considered for each system including ease of use, popularity, strength of anonymity provided, and potential attacks on the system.

tags | paper
SHA-256 | a4e13aeaa32d0f23f46e8a5422c6a62f47a566f7de1f2f87f6b1a2306e58ba82
Apple Security Advisory 2017-01-23-7
Posted Jan 25, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-7 - iTunes for Windows 12.5.5 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple
advisories | CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2366
SHA-256 | 4c501fcce5004df66bab08bab466bc67e6321f8c5999863d097303011f483d4f
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close