
Files Date: 2017-02-16

OpenText Documentum Content Server 7.3 SQL Injection
Posted Feb 16, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server version 7.3 suffers from a remote SQL injection vulnerability due to a previously announced fix being incomplete.

tags | exploit, remote, sql injection
advisories | CVE-2014-2520, CVE-2017-5585
SHA-256 | ace149b822a50c7993d6f686c8031fafa0ff63437d3e979c07952eb853919ff7
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Remote Root
Posted Feb 16, 2017
Authored by Matthew Bergin | Site korelogic.com

Trendmicro InterScan version 6.5-SP2_Build_Linux_1548 suffers from a remote root access vulnerability.

tags | exploit, remote, root
SHA-256 | 8207670b7b23f48f93f2a7d157326bcd7fa8384a29863a9824938cd6f5929a09
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Privilege Escalation
Posted Feb 16, 2017
Authored by Matthew Bergin | Site korelogic.com

Trendmicro InterScan version 6.5-SP2_Build_Linux_1548 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2016-9315
SHA-256 | d466b761795d8d3086d31d2d398c036a70a01e03515283ad16085a4bf3fe529f
Trendmicro InterScan 6.5-SP2_Build_Linux_1548 Arbitrary File Write
Posted Feb 16, 2017
Authored by Matthew Bergin | Site korelogic.com

Trendmicro InterScan version 6.5-SP2_Build_Linux_1548 suffers from an arbitrary file write vulnerability that can lead to remote command execution.

tags | exploit, remote, arbitrary
SHA-256 | 26ab7b4f02561adad2e13b1c460f10e7406f2bed3b1a400caf9cd13b6a2cc8da
Ubuntu Security Notice USN-3198-1
Posted Feb 16, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3198-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. It was discovered that OpenJDK accepted ECDSA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5548, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3261, CVE-2017-3272
SHA-256 | 401231d16faaf570a0694163991be2f69899e60a6316f4ea5ccc0ea0741ef00f
Red Hat Security Advisory 2017-0282-01
Posted Feb 16, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0282-01 - The Oslo concurrency library has utilities for safely running multi-thread, multi-process applications using locking mechanisms, and for running external processes. OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. OpenStack Image Service provides discovery, registration, and delivery services for disk and server images. The service provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5162
SHA-256 | 5fd712c87b8881f2c1c11ceb138da557ae0c18a97e0eaffd9f628cfb8aad3438
Ubuntu Security Notice USN-3197-1
Posted Feb 16, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3197-1 - Kuang-che Wu discovered that multiple integer overflow vulnerabilities existed in libgc. An attacker could use these to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-9427
SHA-256 | 9660c57eca69d7e5b5e3f1edab1ac7798f8fe091d546ea992308803cdc972e83
Cisco Security Advisory 20170215-ucs
Posted Feb 16, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. Attackers could exploit this vulnerability by enabling Developer Mode for their user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to the profile. An exploit could allow attackers to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, web, arbitrary, local
systems | cisco
SHA-256 | af8ddd4b376f7c30e09926c47b62cf5a42d2a31626a7239edac7bdaa02886344
Red Hat Security Advisory 2017-0276-01
Posted Feb 16, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0276-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3135
SHA-256 | 33a7601585c42e9c028fe9fe800eccb4904146febae800994c309c87bb09a0ce
Joomla JoomBlog 1.3.1 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla JoomBlog component version 1.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2a3e00aece5ff7a26c6e0e8989853559766b9ee80c52a24311f397cfaea8e070
Suricata IDS / IPS 3.2.x / 3.1.x IPv4 Evasion
Posted Feb 16, 2017
Authored by Jeremy Beaume

Suricata IDS / IPS versions 3.2.x before 3.2.13.13 and versions 3.1.3 and below suffered from an issue with IPv4 evasion.

tags | advisory
SHA-256 | ae4d50e6dd5d0d4d2b0cfb7661192e3225d3bededae3434f440a38ff2641bf79
OpenSSL Security Advisory 20170216
Posted Feb 16, 2017
Site openssl.org

OpenSSL Security Advisory 20170216 - During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers are affected.

tags | advisory
advisories | CVE-2017-3733
SHA-256 | 89f33fdcfc3a843de7fa742f846df800fb1b00666355c492d4ba177e9b4340bb
Joomla Spider Catalog Lite 1.8.10 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla Spider Catalog Lite component version 1.8.10 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9ad9dca71b7e8d6d0542251460ff409a2923b90e54c17cbf8178f13088f4126f
Joomla JEmbedAll 1.4 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla JEmbedAll component version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 29f8362bb4246d4f4b00d992692cd21868974c3ef96cbc7146a4c883aac383a9
Joomla Spider FAQ Lite 1.3.1 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla Spider FAQ Lite component version 1.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a26d44a2e68bca913869836d315a2c7605ebf030c50a5cbc4b1b51d662ee7b71
Joomla Spider Facebook 1.6.1 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla Spider Facebook component version 1.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bbd7c757c81b55e14b9a48661769e540c487ed8339f0d9c37fddfd0625e15472
GOM Player 2.3.10.5266 Denial Of Service
Posted Feb 16, 2017
Authored by Peter Baris

GOM Player version 2.3.10.5266 suffers from an .fpx file denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-5881
SHA-256 | e696f17a61fc8fa053bbaae40704101549943d96e59a303ece6f2bbdd6fe50ec
Linux Dual / Multi Mode Bind Shell Shellcode
Posted Feb 16, 2017
Authored by odzhancode

156-byte Linux dual / multi mode bind shell shellcode.

tags | shell, shellcode
systems | linux
SHA-256 | 659a9367e30a697641766975195410f25a1bd0301b3ae9dbec564d2c0830fa6d
Joomla JSP Store Locator 2.2 SQL Injection
Posted Feb 16, 2017
Authored by Ihsan Sencan

Joomla JSP Store Locator component version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0f662c9a963f5d4595d3741b19e2dca18d35d7e3faa2594afe621674555a2e5c