
Files Date: 2017-03-01 to 2017-03-31

Trend Micro Enterprise Mobile Security Android Application Man-In-The-Middle
Posted Mar 30, 2017
Authored by David Coomber

The Trend Micro Enterprise Mobile Security Android application suffers from a man-in-the-middle SSL certificate vulnerability.

tags | advisory
advisories | CVE-2016-9319
SHA-256 | 3be0a3916b23746808c0c776f1e66acee4ee7df205c6f4e4557903bacd4c08eb
HPE Security Bulletin HPESBHF03723 1
Posted Mar 30, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03723 1 - A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. The vulnerability could be remotely exploited to allow execution of code. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. Revision 1 of this advisory.

tags | advisory, web
advisories | CVE-2017-5638
SHA-256 | d6e597c7bb73b8b7ba06f660e94513f08f799d97c77d1c9cf31cc41c314e3fa6
HPE Security Bulletin HPESBUX03725 1
Posted Mar 30, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts, including a Padding Oracle attack in Apache mod_session_crypto and Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-2183, CVE-2016-8740, CVE-2016-8743
SHA-256 | 5df1b537a3a2899886f0263d940c4193b758bfc583dd96021c5e940a90f029a8
Ubuntu Security Notice USN-3251-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-2 - USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b1d487963e5c52b099632d8ab214ebd2e907b74a6c379f725d804c0da4616fcb
Ubuntu Security Notice USN-3251-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3251-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 1ca3a3e8ffe4e088904c9f1b8447dbb3bf2c0b1d8c96424615dc666524cfd330
Ubuntu Security Notice USN-3250-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | e0d47a21fe1bda95bc4b052c9f7665e52054b71dab369a17a44a17c1ebde95d4
Ubuntu Security Notice USN-3250-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3250-2 - USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b422cb5aab80fdbf0c348767b7d781f06b31e9fe1bd2d4d06b44326a9ad12b40
Ubuntu Security Notice USN-3249-2
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-2 - USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 460470cda31135e28bf5e1bede438fdd331eba3492c08a19c3210a779e90f05a
Ubuntu Security Notice USN-3248-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3248-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | b2af43e9ee4661670491287b35ae5b6204a60fd2e6cb9ae3dbee38243de221bd
Ubuntu Security Notice USN-3249-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3249-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7184
SHA-256 | 8e6a027bf065ecdae1744051be9c1eeb8feffddb13c1d70f176316aecc5f924c
Ubuntu Security Notice USN-3236-1
Posted Mar 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3236-1 - Multiple vulnerabilities were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the security status API or webview URL to indicate the wrong values, bypass security restrictions, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033, CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044, CVE-2017-5045, CVE-2017-5046
SHA-256 | 7069b55c974764404a6bd3c1a7386f8efd74a673a5217b50585d13825906a1ff
Debian Security Advisory 3824-1
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3824-1 - George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2017-6369
SHA-256 | 77569fa3e3fe5a77943c7cab473511a3a5e942a79f3b4057eec65f15d8cdbc0e
Debian Security Advisory 3798-2
Posted Mar 30, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3798-2 - DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.

tags | advisory
systems | linux, debian
SHA-256 | 91907dc419eacbfe525acaae6b9baccfc9233d9873b50246b5cf24e06fb463de
Red Hat Security Advisory 2017-0847-01
Posted Mar 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0847-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2017-2628
SHA-256 | 974b5fabd635b171138950d3c4169a2374eec8a7fa006d510de7b420497dd80f
Slackware Security Advisory - mariadb Updates
Posted Mar 30, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mariadb packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-3302, CVE-2017-3313
SHA-256 | d28bdd977d39f007c77399f719272fae2c4233f4574b5f1bad80d829ac511400
Amazon S3 Open Redirect
Posted Mar 30, 2017
Authored by Ghostman

Amazon S3 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | cc5afbb9a4b12138b7c5db47bdc0b8bb94e014dae51869e09b079aaf22a799b5
EMC Isilon OneFS Path Traversal
Posted Mar 29, 2017
Site emc.com

EMC Isilon OneFS versions 7.1.0 through 7.1.1.10, 7.2.0 through 7.2.1.3, and 8.0.0 through 8.0.0.1 suffer from a path traversal vulnerability.

tags | advisory
advisories | CVE-2017-4980
SHA-256 | e19aca5b754771c11a24391d2108333efd59db0c26f9b6719e2dd9b3d446f54c
Zed Attack Proxy 2.6.0 Cross Platform Package
Posted Mar 29, 2017
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

Changes: Various updates.
tags | tool, web, vulnerability
SHA-256 | c60b5a14421f20d997492599b2a550ece3abc6760ea94785b093769ac8c5b272
Falco 0.6.0
Posted Mar 29, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Falco now has its own dedicated kernel module. Third party libraries updated to address security vulnerabilities. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 748845b6c31f8c95295db678c0d4310f7e7ca8a444f9f4f2835073ad72a63d37
Lynis Auditing Tool 2.4.8
Posted Mar 29, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: More PHP paths added. Minor changes to text.
tags | tool, scanner
systems | unix
SHA-256 | 6be0dcb0e3c66c76266944b1c5b6f1d8ba617dc1ce89b8d278f4e1f990a6f70a
Pixie 1.0.4 Cross Site Scripting
Posted Mar 29, 2017
Authored by rungga_reksya, dickysofficial

Pixie version 1.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1bfb97f0b476e0247458cce92c0e867e76225fb7c98585669be0eec4d91c07f8
MacOS/iOS mach_msg Memory Copy Failure
Posted Mar 29, 2017
Authored by Google Security Research, lokihardt

MacOS/iOS suffer from an issue where mach_msg does not copy memory in a certain case.

tags | exploit, kernel
systems | ios
advisories | CVE-2017-2456
SHA-256 | 311975d6c6410fc74e8c9b4e249484bd7519ec1515eba64cd53af81d9d333a20
Microsoft VBA Hidden Modules
Posted Mar 29, 2017
Authored by Maxim Tomashevich

Microsoft Visual Basic for Applications versions 6.5 through 7.1 suffer from a malicious hidden module issue.

tags | exploit
SHA-256 | 1b1fb21479c9efc8470b2ac366523aa69e0f3f5599cec5c5c3acb8af5ef31702
Samsung RKP Kernel Protection Bypass
Posted Mar 29, 2017
Authored by Google Security Research, laginimaineb

Samsung suffers from an RKP kernel protection bypass via lack of MSR trapping on Qualcomm devices.

tags | advisory, kernel
SHA-256 | 0dbe80fe47e0d163198f99af0f2dd6414287047cc82447e99da5cf0bff3da457
Safari Bound Function Out-Of-Bounds Read
Posted Mar 29, 2017
Authored by Google Security Research, natashenka

Safari performs an out-of-bounds read when calling the bound function.

tags | exploit
advisories | CVE-2017-2447
SHA-256 | c34419dbfdc88927512ecd0928e9ba0ad20ee01eb077380d69ea9fd9a6bd1bc8

packet storm

© 2022 Packet Storm. All rights reserved.
