exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-05-19

Debian Security Advisory 3856-1
Posted May 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3856-1 - Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).

tags | advisory, web, vulnerability, csrf
systems | linux, debian
advisories | CVE-2017-7178, CVE-2017-9031
SHA-256 | ffd4b2a7a8f00187b94f35a5055d76e483f4645d61a3bcd2ed54463b4ab27be8
HPE Security Bulletin HPESBGN03748 1
Posted May 19, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03748 1 - A potential security vulnerability has been identified in HPE Cloud Optimizer. The vulnerability could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-8944
SHA-256 | 7483e63110b0bf1c8c541a2f924bb2bf09ca0c60d99d6ea43f0e7571351d4d97
Ceragon FibeAir IP-10 7.2.0 Hidden User Backdoor
Posted May 19, 2017
Authored by Ian Ling

Ceragon FibeAir IP-10 versions 7.2.0 and below suffer from a hidden user backdoor vulnerability.

tags | exploit
advisories | CVE-2015-0936
SHA-256 | 19d0253d67bfd5628b69787c405f7a3c2992c6236010db3ca5711b8a3408d169
Western Digital TV Media Player 1.03.07 LFI / CSRF / File Upload
Posted May 19, 2017
Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com

Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, file upload, csrf
SHA-256 | 385687d49d2c40482bc4095866410a41b9a17b1428c065bcb0a4be85c09e9a45
Red Hat Security Advisory 2017-1256-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1256-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 66a0b9ebd91f3d58b18c164ce18f959b822d47b029a739de04202319a8322641
Red Hat Security Advisory 2017-1253-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1253-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 5a4ec3b1227c9241673259dff46a3a8629ad441ccc88aaeb18290d488426c5d1
Red Hat Security Advisory 2017-1259-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1259-01 - Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fix: It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7470
SHA-256 | 42ce9b171df841e7dba3df7165abf9639f62c061e6efdad41a6d0829ddcebc04
Ubuntu Security Notice USN-3275-3
Posted May 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3275-3 - USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem. It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. Various other issues were also addressed.

tags | advisory, java, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | b6267488b59a31e9e6e0acbee223e59d7a111c146fc457952a554fc22c390435
Ubuntu Security Notice USN-3295-1
Posted May 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3295-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10249, CVE-2016-10251, CVE-2016-1867, CVE-2016-2089, CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8882, CVE-2016-9560, CVE-2016-9591
SHA-256 | b62194c8b668f64ae29e7257348391b5c012a8addd0decc9b4f7c298876675a3
Red Hat Security Advisory 2017-1255-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1255-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 908877da3f1cfc9dfca69965316818a94445a7d83eafed2908514e284a7b6ae4
Red Hat Security Advisory 2017-1260-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1260-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.15. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | f8dede59460b3e91131da210ce201d95cfb51359708c5aedfa61beace085aa8c
Red Hat Security Advisory 2017-1254-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1254-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 4a6d3b6826b17d73c6e89756d374ffc7b8d743c626ed1841cace3e0cb5b75665
Kodak InSite 8.0 Cross Site Scripting
Posted May 19, 2017
Authored by Ricardo Sanchez

Kodak InSite versions 6.5. through 8.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | edfdb5072d2100ae5816327aa1047bf156b40a14eb41a16b1e0dfe93a6055864
Nixauditor CIS Script 1.1
Posted May 19, 2017
Authored by Alfie | Site the-infosec.com

Nixauditor is a script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines.

Changes: Audit script enabling user to audit Kernel info, Kernel versions, Specific release information, Current user/group info, Users that have previously logged onto the system, All users and uid/gid info. General CIS Checks (over 100 security checks).
tags | tool
systems | linux, unix
SHA-256 | c895b4f499689b377e4a2360b02832996b972639b6e2ed8b1a1c145eefa9cfa1
WhatsApp Failure To Delete
Posted May 19, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

WhatsApp Messenger for Android does not delete sent and received files from the SD card on the device when chats are cleared, deleted or the application is uninstalled from the device. Additionally, the application stores sent and received files in the SD card without encryption where they are accessible to any applications with storage permissions.

tags | advisory
advisories | CVE-2017-8769
SHA-256 | 33e5802bd2f7506103d2ccc503733ef058009d057af1f25c56e0615d0d99772f
Belden GarrettCom 6K / 10KT Bypass / Disclosure / Buffer Overflow
Posted May 19, 2017
Authored by David Tomaschik

Belden GarrettCom 6K and 10KT series suffer from suffers from buffer overflow, authentication bypass, information disclosure, and other vulnerabilities.

tags | exploit, overflow, vulnerability, info disclosure
SHA-256 | 49d1717295169be58fe33b4c7d8306f29f0d9e8f045dbaf9cda485d36d3f2e48
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close