Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-05-22

HP Security Bulletin HPESBHF03744 1
Posted May 22, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03744 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Intelligent Management Center (iMC) PLAT. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-7053, CVE-2016-7054, CVE-2016-7055
MD5 | ea7008c3c432711f7a0df4d47b9c165f
Mantis Bug Tracker 1.3.10 / 2.3.0 Cross Site Request Forgery
Posted May 22, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7620
MD5 | 41e0b9f5db14efa67c836d0f2df4b6f0
Debian Security Advisory 3858-1
Posted May 22, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3858-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in privilege escalation, denial of service, newline injection in SMTP or use of insecure cryptography.

tags | advisory, java, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
MD5 | f12bcb568bbff004f7da1df6275f79b1
Red Hat Security Advisory 2017-1262-01
Posted May 22, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1262-01 - The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.

tags | advisory, remote, memory leak
systems | linux, redhat
advisories | CVE-2017-8779
MD5 | d7066d82fa5c66fdf39eec036fbe66da
Red Hat Security Advisory 2017-1263-01
Posted May 22, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1263-01 - The libtirpc packages contain SunLib's implementation of transport-independent remote procedure call documentation, which includes a library required by programs in the nfs-utils and rpcbind packages. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.

tags | advisory, remote, memory leak
systems | linux, redhat
advisories | CVE-2017-8779
MD5 | a9e7d4f0f42fe092cf47afd3b014fefe
Red Hat Security Advisory 2017-1265-01
Posted May 22, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1265-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2125, CVE-2016-2126, CVE-2017-2619
MD5 | 93d3cb040ef91777b3a13b542c597b1d
Red Hat Security Advisory 2017-1264-01
Posted May 22, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1264-01 - The K Desktop Environment is a graphical desktop environment for the X Window System. The kdelibs packages include core libraries for the K Desktop Environment. Security Fix: A privilege escalation flaw was found in the way kdelibs handled D-Bus messages. A local user could potentially use this flaw to gain root privileges by spoofing a callerID and leveraging a privileged helper application.

tags | advisory, local, root, spoof
systems | linux, redhat
advisories | CVE-2017-8422
MD5 | b3951c719e034c7bcdfb810e25ac1d7e
VMWare Workstation On Linux Privilege Escalation
Posted May 22, 2017
Authored by Jann Horn, Google Security Research

This vulnerability permits an unprivileged user on a Linux machine on which VMWare Workstation is installed to gain root privileges. The issue is that, for VMs with audio, the privileged VM host process loads libasound, which parses ALSA configuration files, including one at ~/.asoundrc. libasound is not designed to run in a setuid context and deliberately permits loading arbitrary shared libraries via dlopen().

tags | exploit, arbitrary, root
systems | linux
advisories | CVE-2017-4915
MD5 | 6cd7c22bba1395ea99fb53bce68676a2
Atlassian SourceTree 2.5c Command Execution
Posted May 22, 2017
Authored by Yu Hong

Atlassian SourceTree versions 2.5c and below suffer from a command injection vulnerability. This advisory gives a ridiculously small amount of information regarding the issue itself.

tags | advisory
advisories | CVE-2017-8768
MD5 | 1e041c7bb009d812f48aa8bc42b80f63
DAVOSET 1.3.3
Posted May 22, 2017
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: In new version there was added support of Tor as a proxy. Based on Socks support since v.1.2 at 26.04.2014. Also there were added new services into full list of zombies and removed non-working services from it.
tags | tool, denial of service
MD5 | e3be4c48bb147bc8e64021a746764dfc
Asterisk 14.4.0 Skinny Denial Of Service
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 with chan_skinny enabled suffers from a memory exhaustion vulnerability that can lead to a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 2a53a018e7760934bc7c0fb189920799
Asterisk 14.4.0 PJSIP 2.6 Denial Of Service
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 running chan_pjsip with PJSIP version 2.6 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | f49b5e4d52c26c6e0a76dcc3d9c9f48c
Asterisk 14.4.0 PJSIP 2.6 Heap Overflow
Posted May 22, 2017
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 14.4.0 with PJSIP version 2.6 suffers from a heap overflow vulnerability in CSEQ header parsing.

tags | exploit, overflow
MD5 | ffae82070b494ad6a86bd977ef721698
VMWare Horizon 5.4 DLL Hijacking
Posted May 22, 2017
Authored by Owais Mehtab, Tayeeb Rana

VMWare Horizon client version 5.4 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | c00ff52553fc03783e70e427c0ab7515
HP SimplePass 8.x Local Privilege Escalation
Posted May 22, 2017
Authored by Rehan Ahmed

HP SimplePass versions 8.00.49, 8.00.57, and 8.01.46 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | ea0b633ccda7a8a5b67d448b34bbd3da
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    2 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    22 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close