what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-04-25

Dell Customer Connect 1.3.28.0 Privilege Escalation
Posted Apr 25, 2017
Authored by Kacper Szurek

Dell Customer Connect (DCCService.exe) version 1.3.28.0 suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 01adb10edf42c5c531eefc99d7226ee312a57ead81179ddea9469321e3875f5e
OpenText Documentum Content Server SQL Injection
Posted Apr 25, 2017
Authored by Andrey B. Panfilov

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2513. This code is a proof of concept exploit.

tags | exploit, remote, arbitrary, sql injection, proof of concept
advisories | CVE-2014-2513, CVE-2015-4533, CVE-2017-7221
SHA-256 | 075e41464f5a5b594ef398cfbdc839e338020d08e61a4d818296c681db42b4d7
Ubuntu Security Notice USN-3266-2
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3266-2 - USN-3266-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2017-5986
SHA-256 | 38bf0e1ebe7b487031f7f129018d145bb062758b3fcb637423c23f99910dc876
Ubuntu Security Notice USN-3265-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3265-1 - It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348, CVE-2017-7374
SHA-256 | 458544e325eb238c58004371dbe9356a95171c61c3dbdaeb26265ab61d0a46c5
Ubuntu Security Notice USN-3265-2
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3265-2 - USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5669, CVE-2017-5897, CVE-2017-5970, CVE-2017-5986, CVE-2017-6214, CVE-2017-6345, CVE-2017-6346, CVE-2017-6347, CVE-2017-6348, CVE-2017-7374
SHA-256 | 0c9967de91275097ac2b964a5f5f15ab25ba17e3a65406a24207ac40379c8d83
Ubuntu Security Notice USN-3266-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3266-1 - Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-5986
SHA-256 | 388005729548db4ef2fb458e260c25a00a658e1fc5e6cc30a86ff9544d66f5cd
Ubuntu Security Notice USN-3264-2
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3264-2 - USN-3264-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2017-5986
SHA-256 | 08bd22ddd449f23f83690f03bef696d4220beacfda3e370c51c533548712002a
Ubuntu Security Notice USN-3267-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3267-1 - Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-2619
SHA-256 | 380cf9bf4beda1eda84eea11a36b4452ad006b1cfa8e93c8e4f2d3defff5110c
Ubuntu Security Notice USN-3268-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3268-1 - Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Jann Horn discovered that QEMU incorrectly handled VirtFS directory sharing. A privileged attacker inside the guest could use this issue to access files on the host file system outside of the shared directory and possibly escalate their privileges. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10028, CVE-2016-8667, CVE-2016-9602, CVE-2016-9603, CVE-2016-9908, CVE-2016-9912, CVE-2016-9914, CVE-2017-5552, CVE-2017-5578, CVE-2017-5987, CVE-2017-6505
SHA-256 | 55219cd93a67e26cc2c98285217c82a6a4c4a415f32a2bc50c406be0dfd12705
Ubuntu Security Notice USN-3264-1
Posted Apr 25, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3264-1 - Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-5986
SHA-256 | 5617bdc6e6c1ccc15c09b9257b1ec4cce82e101317b00bd377fd23662ed06fa8
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 25, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | df5e943771e59fc2289df3af757bd1a57e0e1c52504d2a66c7b611ab1f057e98
Debian Security Advisory 3833-1
Posted Apr 25, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3833-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2016-9821, CVE-2016-9822
SHA-256 | 8d692af2b943bea43208aef15f7da5e70206cdcf1a91c28cbe75076b9a37add4
Red Hat Security Advisory 2017-1126-01
Posted Apr 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1126-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-2636
SHA-256 | 34d392e00adb86300a44fe21a8d79fc93f1e9dbf79ba5dc3b3e00240e2bbc6be
Red Hat Security Advisory 2017-1125-01
Posted Apr 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1125-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-2636
SHA-256 | 7112adc140cf091a6d4e364b6e09c73a98b1eea23f7cd1fef5eb48900766f898
Red Hat Security Advisory 2017-1124-01
Posted Apr 25, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1124-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 58.0.3029.81. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
SHA-256 | e325fa775ede1fe0fa9d26ba89abf5e87c0e726c82d6a6adb5a3e13ea26b42d1
OXATIS 2017 Cross Site Scripting
Posted Apr 25, 2017
Authored by HTTPCS

OXATIS 2017 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b4ff5aa49a3b93d6b92ea4d397b075e42df21186055dbc33740a7c44b12f9701
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close