Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-06-08

OTRS Install Dialog Disclosure
Posted Jun 8, 2017
Authored by Sebastian Auwarter

Due to insufficient checking of privileges, it is possible to access the OTRS Install dialog of an already installed instance, which enables an authenticated attacker to change the database settings, superuser password, mail server settings, log file location and other parameters. Versions affected include OTRS 5.0.x, OTRS 4.0.x, and OTRS 3.3.x.

tags | exploit
advisories | CVE-2017-9324
MD5 | efafc0e41477df3d84615060123f01b0
Apache Ranger 0.5.x / 0.6.x / 0.7.0 Policy Miss / Permission Check
Posted Jun 8, 2017
Authored by Velmurugan Periasamy

Apache Ranger versions prior to 0.7.1 suffer from issues where policy evaluation ignores characters after the asterisk wildcard character and the Hive Authorizer fails to check for RWX permission when an external location is specified.

tags | advisory
advisories | CVE-2017-7676, CVE-2017-7677
MD5 | 6d77dc16f90a8e3797fedf91e0d9afc8
Libquicktime 1.2.4 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The quicktime_read_moov function in moov.c in libquicktime version 1.2.4 can cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.

tags | exploit, denial of service
advisories | CVE-2017-9122, CVE-2017-9123, CVE-2017-9124, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127, CVE-2017-9128
MD5 | 44cf24e9e12a5864bcbd2fcafd860750
Libcroco 0.6.12 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco version 0.6.12 can cause a denial of service (memory allocation error) via a crafted CSS file.

tags | exploit, denial of service
advisories | CVE-2017-8834
MD5 | 8ab9956d195dd76c2a9ee21616fed772
HP Security Bulletin HPESBGN03758 1
Posted Jun 8, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03758 1 - A potential security vulnerability has been identified in HPE UCMDB. The vulnerability could be remotely exploited to allow execution of code. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-8947
MD5 | 8477eee1224f7a75c39bdfb3c10994bf
HP Security Bulletin HPESBHF03757 1
Posted Jun 8, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03757 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5 and Comware 7. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-4953, CVE-2016-4954, CVE-2016-4956, CVE-2016-4957
MD5 | 7d792df9a8d171157fab09102b52aca3
Red Hat Security Advisory 2017-1417-01
Posted Jun 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1417-01 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | 99cf9de68f8e84856df2d79d2efa7399
Linux Kernel keyctl_set_reqkey_keyring Denial Of Service
Posted Jun 8, 2017
Authored by Marcus Meissner

Linux Kernel versions prior to 4.10.13 suffer from a keyctl_set_reqkey_keyring local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-7472
MD5 | 5537c76b901295124a6a34e3ee846129
PuTTY ssh_agent_channel_data Integer Overflow
Posted Jun 8, 2017
Authored by Tim Kosse

PuTTY versions prior to 0.68 suffer from an ssh_agent_channel_data integer overflow heap corruption vulnerability.

tags | exploit, overflow
advisories | CVE-2017-6542
MD5 | f8c6fafa56469fea00ed681d01e21b33
Artifex MuPDF mutool Null Pointer Dereference
Posted Jun 8, 2017
Authored by Kamil Frankowicz

Artifex MuPDF mutool suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-5991
MD5 | 4eb0cf875754fe1df7d995d59eb9d94e
VMware Workstation 12 Pro Denial Of Service
Posted Jun 8, 2017
Authored by Borja Merino

VMware Workstation version 12 Pro suffers from a null pointer dereference in the vstor2 driver.

tags | exploit, denial of service
advisories | CVE-2017-4916
MD5 | d862df7153ee21e797c4f41c85f8dd9d
Wireshark 2.2.12 ROS Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark versions 2.2.0 through 2.2.12 suffer from a ROS dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9347
MD5 | e4245cc557ad0dd74e4e5220da70fdd9
Linux Kernel ping Denial Of Service
Posted Jun 8, 2017
Authored by Daniel Jiang

The Linux kernel suffers from a ping local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-2671
MD5 | 050caf0f2bba36f695336234f51ebdcd
Wireshark 2.2.6 IPv6 Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark version 2.2.6 suffers from an IPv6 dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9353
MD5 | b152c5fccea7e192eb3b90b6837915e7
Artifex MuPDF mujstest 1.10a Null Pointer Dereference
Posted Jun 8, 2017
Authored by Agostino Sarubbo

Artifex MuPDF mujstest version 1.10a suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-6060
MD5 | 2559a30aa483f0c6fede5684500fa67f
Net Monitor For Employees Pro Privilege Escalation
Posted Jun 8, 2017
Authored by Saeid Atabaki

Net Monitor for Employees Pro versions prior to 5.3.4 suffer from an unquoted service path privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-7180
MD5 | 2599b38b695b5f361244b28ccab63797
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    9 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    34 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close