exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-04-03

Red Hat Security Advisory 2017-0868-01
Posted Apr 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0868-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-5783, CVE-2015-1427, CVE-2016-1000229, CVE-2016-6812, CVE-2016-6814, CVE-2016-8739, CVE-2016-9177, CVE-2017-3159
SHA-256 | b44baec06b4aa30482485d1d8aad1f8dcd12a8a67d5b08f4763ee3b328caa8b9
Ubuntu Security Notice USN-3253-1
Posted Apr 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3253-1 - It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, cgi
systems | linux, ubuntu
advisories | CVE-2013-7108, CVE-2013-7205, CVE-2014-1878, CVE-2016-9566
SHA-256 | c79b4480ec225f484a4c3353e13bf0f2725307d7e9ba6254c20baa738cf5326f
Gentoo Linux Security Advisory 201804-02
Posted Apr 3, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-2 - Multiple vulnerabilities have been found in glibc, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 2.25-r11 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14062, CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, CVE-2017-16997, CVE-2018-1000001, CVE-2018-6485, CVE-2018-6551
SHA-256 | 20bcb176dc8f678b8fcebb3c25e5481340c2a49599d9b052bbd05cff312da576
Ubuntu Security Notice USN-3617-2
Posted Apr 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3617-2 - USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-15129, CVE-2017-16532, CVE-2017-16537, CVE-2017-16645, CVE-2017-16646, CVE-2017-16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-16994, CVE-2017-17448, CVE-2017-17450, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807, CVE-2017-18204, CVE-2018-1000026, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344
SHA-256 | 0f276e7a9b2bfbe06e0d855d178a4c603928a7a485688ab62d5262889acef454
Gentoo Linux Security Advisory 201804-01
Posted Apr 3, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201804-1 - Multiple vulnerabilities were discovered in libxslt, the worst of which may allow a remote attacker to execute arbitrary code. Versions less than 1.1.30 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-4738, CVE-2017-5029
SHA-256 | d1879b034e5fc47ed24dc480f47c4e7a0c8ee1432d5e5748e9cd53782da9a161
Ubuntu Security Notice USN-3617-1
Posted Apr 3, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3617-1 - It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-15129, CVE-2017-16532, CVE-2017-16537, CVE-2017-16645, CVE-2017-16646, CVE-2017-16647, CVE-2017-16649, CVE-2017-16650, CVE-2017-16994, CVE-2017-17448, CVE-2017-17450, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807, CVE-2017-18204, CVE-2018-1000026, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344
SHA-256 | fe4a210e922b4739e377a7859b8122e447d7ffe0cc9c2252e70ad5829f91e7d1
Mongoose OS 1.2 Use-After-Free / Denial Of Service
Posted Apr 3, 2017
Authored by Philipp Promeuschel, Stephan Sekula, Carel van Rooyen

Mongoose OS versions 1.2 and below suffers from use-after-free and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2017-7185
SHA-256 | 29230e265e6385403b48459f9970358441ef14a35850ac8f58e0c0615ecbb02c
Kony EMM 4.2.0 Private Key Disclosure
Posted Apr 3, 2017
Authored by Ayman Almajid

Kony Enterprise Mobile Management version 4.2.0 suffers from a private key disclosure vulnerability.

tags | exploit
advisories | CVE-2017-5672
SHA-256 | dfac23b8cfe379e80ab577f0e5961abd9d7facc3a6363c97daf642b809407477
Red Hat Security Advisory 2017-0863-01
Posted Apr 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0863-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | 131beb38cc9b40830d94c90e126d4e23e59e6a45e730087ab1ac6ab776c32045
Red Hat Security Advisory 2017-0862-01
Posted Apr 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0862-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 was retired on March 31, 2017, at the end of Production Phase 3 and active support is no longer provided. As the product will now be in the Extended Life Phase, customers will continue to have access to all previously released content, and limited technical support will be available through Red Hat's Customer Experience and Engagement as described in the Knowledge Base article available at https://access.redhat.com/articles/64664. However, we recognize that some customers will wish to remain on Red Hat Enterprise Linux 5 even after the March 31, 2017 retirement date. To meet this customer requirement, Red Hat will offer customers the option to purchase the Extended Life Cycle Support Add-On as an annually renewable subscription. This ELS Add-On provides customers with up to an additional three and a half years of Critical Impact security fixes and selected Urgent Priority bug fixes for Red Hat Enterprise Linux 5.11. Red Hat Enterprise Linux 5 ELS coverage will conclude on November 30, 2020.

tags | advisory, web
systems | linux, redhat
SHA-256 | d20db9cfe243dcc9600d667c3912980b508184bbf305692a5b59f606afb7193f
Red Hat Security Advisory 2017-0861-01
Posted Apr 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0861-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.6 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 5.6 AMC after March 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | 73af0a91302880b0fda84ff2a350359ef8afc8ca8e1ada416d43d14f11c22c58
Red Hat Security Advisory 2017-0864-01
Posted Apr 3, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0864-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.1 was retired on March 31, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.1 EUS after March 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | 1726950944e029aa9e87b05926c45da5d19892259fd9378d3a11527bf5a608d1
Dell OpenManage Server Administrator 8.4 Directory Traversal
Posted Apr 3, 2017
Authored by Harrison Neal

OpenManage Server Administrator version 8.4 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2016-4004
SHA-256 | 64df1022197272561fbf522b26472bc450a0c8b7c4f7cf66729ba27dcad0eadc
PHP 7.1.2 fsockopen Misbehavior
Posted Apr 3, 2017
Authored by Fikri Fadzil | Site sec-consult.com

PHP version 7.1.2 suffers from an incorrect behavior with fsockopen.

tags | exploit, php
SHA-256 | f95a66bf357d7a4d4cc45ea50c1c6154b09b14db99cf7f747b69412d4f11e0e0
Apple Security Advisory 2017-04-03-1
Posted Apr 3, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-04-03-1 - iOS 10.3.1 is now available and addresses a wifi vulnerability.

tags | advisory
systems | apple, ios
advisories | CVE-2017-6975
SHA-256 | 8b5f0e4a03e750a7b56884a02e8dfd789cb35bb0287acfccf2e07d060e4d0524
GeoMoose 2.9.2 Directory Traversal
Posted Apr 3, 2017
Authored by Sander Ferdinand

GeoMoose versions 2.9.2 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | e8ffd351cb42c9c1aa1f94365a6e68fff547aebacc6c9e8b8dfc861633983dd6
Chimein.mozilla.org Cross Site Scripting
Posted Apr 3, 2017
Authored by Yann CAM

Chimein.mozilla.org suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 677bf08f3abab45727864c625f11fef8a1d0809f03498843151760f1272f19e3
BlueCoat CAS 1.3.7.1 Privilege Escalation
Posted Apr 3, 2017
Authored by Chris Hebert, Corey Boyd, Pete Paccione | Site metasploit.com

This Metasploit module abuses the sudo access granted to tomcat and the mvtroubleshooting.sh script to escalate privileges. In order to work, a tomcat session with access to sudo on the sudoers is needed. This Metasploit module is useful for post exploitation of BlueCoat vulnerabilities, where typically web server privileges are acquired, and this user is allowed to execute sudo on the sudoers file.

tags | exploit, web, vulnerability
advisories | CVE-2016-9091
SHA-256 | e2893d0c823a71c5e42bc07dcb197f2a382e0587c64f12ee1c7ad55690e5b7f2
360-FAAR Firewall Analysis Audit And Repair 0.6.1
Posted Apr 3, 2017
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: Various updates.
tags | tool, perl
systems | unix
SHA-256 | f2753c34c9883dfe15003f5b0814c44255ff34cfd31b9a7bf514172123ed05ff
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close