exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-06-08

OTRS Install Dialog Disclosure
Posted Jun 8, 2017
Authored by Sebastian Auwarter | Site syss.de

Due to insufficient checking of privileges, it is possible to access the OTRS Install dialog of an already installed instance, which enables an authenticated attacker to change the database settings, superuser password, mail server settings, log file location and other parameters. Versions affected include OTRS 5.0.x, OTRS 4.0.x, and OTRS 3.3.x.

tags | exploit
advisories | CVE-2017-9324
SHA-256 | 21f3598970b7ae6cfb31cada4cccc9ed918166bc63d7eb4d159c64b23c2c0334
Apache Ranger 0.5.x / 0.6.x / 0.7.0 Policy Miss / Permission Check
Posted Jun 8, 2017
Authored by Velmurugan Periasamy

Apache Ranger versions prior to 0.7.1 suffer from issues where policy evaluation ignores characters after the asterisk wildcard character and the Hive Authorizer fails to check for RWX permission when an external location is specified.

tags | advisory
advisories | CVE-2017-7676, CVE-2017-7677
SHA-256 | 6814bd6c1f907764b02dff3ce088b9bd5663fc3d7909eb7b4800f10d2cd5fd82
Libquicktime 1.2.4 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The quicktime_read_moov function in moov.c in libquicktime version 1.2.4 can cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.

tags | exploit, denial of service
advisories | CVE-2017-9122, CVE-2017-9123, CVE-2017-9124, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127, CVE-2017-9128
SHA-256 | fb9cf4176e1bb9ffeb25e2984a3e0059e422f89b9a9d4df21f9c53fec333b33d
Libcroco 0.6.12 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco version 0.6.12 can cause a denial of service (memory allocation error) via a crafted CSS file.

tags | exploit, denial of service
advisories | CVE-2017-8834
SHA-256 | 366b354d9941351241af58cad87bacc3ce236b5504a9d75b69f7f88ab2e202f7
HPE Security Bulletin HPESBGN03758 1
Posted Jun 8, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03758 1 - A potential security vulnerability has been identified in HPE UCMDB. The vulnerability could be remotely exploited to allow execution of code. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-8947
SHA-256 | abc2c33ff154d52595c7f537357e1616e0abb2d83811033e13fbdeaa58679370
HPE Security Bulletin HPESBHF03757 1
Posted Jun 8, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03757 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5 and Comware 7. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-4953, CVE-2016-4954, CVE-2016-4956, CVE-2016-4957
SHA-256 | 8ebfadf170d8633a6909f8a457571f141c45d90c5465ec0a3703ee10cecd1e08
Red Hat Security Advisory 2017-1417-01
Posted Jun 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1417-01 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
SHA-256 | 2fd26e9591f0b2af566c13e0715e149d459ccde23acb9dba984c861a8c4fde23
Linux Kernel keyctl_set_reqkey_keyring Denial Of Service
Posted Jun 8, 2017
Authored by Marcus Meissner

Linux Kernel versions prior to 4.10.13 suffer from a keyctl_set_reqkey_keyring local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-7472
SHA-256 | eb31ce0a0f03adae308aa72256412f48eb27210c5ccb26b03e8f3b4580d6441b
PuTTY ssh_agent_channel_data Integer Overflow
Posted Jun 8, 2017
Authored by Tim Kosse

PuTTY versions prior to 0.68 suffer from an ssh_agent_channel_data integer overflow heap corruption vulnerability.

tags | exploit, overflow
advisories | CVE-2017-6542
SHA-256 | 01e34d1eeb4771600c59ed6fed2a9ba72439204dcc18f929f87585e682764827
Artifex MuPDF mutool Null Pointer Dereference
Posted Jun 8, 2017
Authored by Kamil Frankowicz

Artifex MuPDF mutool suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-5991
SHA-256 | 7013d145c88072d2d4c78b5a62708d12329121691da376896f143cf4f57b8d5d
VMware Workstation 12 Pro Denial Of Service
Posted Jun 8, 2017
Authored by Borja Merino

VMware Workstation version 12 Pro suffers from a null pointer dereference in the vstor2 driver.

tags | exploit, denial of service
advisories | CVE-2017-4916
SHA-256 | 7dfc050bb48e7fd3b5f6f5be7c4012afeed48c5754f9d1334d7a8ca265bdacf5
Wireshark 2.2.12 ROS Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark versions 2.2.0 through 2.2.12 suffer from a ROS dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9347
SHA-256 | 16394a2d5c693e2e2ed21e655e6209bda5b287e94eefdc1dcb333a517ec241fe
Linux Kernel ping Denial Of Service
Posted Jun 8, 2017
Authored by Daniel Jiang

The Linux kernel suffers from a ping local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-2671
SHA-256 | fc0425f288a46253c0792ede11b0a0ab20d3fe0827d81475ae90660602f38d3b
Wireshark 2.2.6 IPv6 Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark version 2.2.6 suffers from an IPv6 dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9353
SHA-256 | eb7e25793f0dd5785af0848e65f89921f4ec2f9d4db13c5e9f1b105a620ab7cb
Artifex MuPDF mujstest 1.10a Null Pointer Dereference
Posted Jun 8, 2017
Authored by Agostino Sarubbo

Artifex MuPDF mujstest version 1.10a suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-6060
SHA-256 | 3ebd5bf726849372ff64c9cbf1962799127cc01164e3fc83a1ad4178c90b99fc
Net Monitor For Employees Pro Privilege Escalation
Posted Jun 8, 2017
Authored by Saeid Atabaki

Net Monitor for Employees Pro versions prior to 5.3.4 suffer from an unquoted service path privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-7180
SHA-256 | a79969f6479c7124bc98763ecfeb997796c5d7e793924ab921f7aa2b83a87483
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close