what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-06-08

OTRS Install Dialog Disclosure
Posted Jun 8, 2017
Authored by Sebastian Auwarter

Due to insufficient checking of privileges, it is possible to access the OTRS Install dialog of an already installed instance, which enables an authenticated attacker to change the database settings, superuser password, mail server settings, log file location and other parameters. Versions affected include OTRS 5.0.x, OTRS 4.0.x, and OTRS 3.3.x.

tags | exploit
advisories | CVE-2017-9324
MD5 | efafc0e41477df3d84615060123f01b0
Apache Ranger 0.5.x / 0.6.x / 0.7.0 Policy Miss / Permission Check
Posted Jun 8, 2017
Authored by Velmurugan Periasamy

Apache Ranger versions prior to 0.7.1 suffer from issues where policy evaluation ignores characters after the asterisk wildcard character and the Hive Authorizer fails to check for RWX permission when an external location is specified.

tags | advisory
advisories | CVE-2017-7676, CVE-2017-7677
MD5 | 6d77dc16f90a8e3797fedf91e0d9afc8
Libquicktime 1.2.4 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The quicktime_read_moov function in moov.c in libquicktime version 1.2.4 can cause a denial of service (infinite loop and CPU consumption) via a crafted mp4 file.

tags | exploit, denial of service
advisories | CVE-2017-9122, CVE-2017-9123, CVE-2017-9124, CVE-2017-9125, CVE-2017-9126, CVE-2017-9127, CVE-2017-9128
MD5 | 44cf24e9e12a5864bcbd2fcafd860750
Libcroco 0.6.12 Denial Of Service
Posted Jun 8, 2017
Authored by qflb.wu

The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco version 0.6.12 can cause a denial of service (memory allocation error) via a crafted CSS file.

tags | exploit, denial of service
advisories | CVE-2017-8834
MD5 | 8ab9956d195dd76c2a9ee21616fed772
HPE Security Bulletin HPESBGN03758 1
Posted Jun 8, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03758 1 - A potential security vulnerability has been identified in HPE UCMDB. The vulnerability could be remotely exploited to allow execution of code. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-8947
MD5 | 8477eee1224f7a75c39bdfb3c10994bf
HPE Security Bulletin HPESBHF03757 1
Posted Jun 8, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03757 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5 and Comware 7. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-4953, CVE-2016-4954, CVE-2016-4956, CVE-2016-4957
MD5 | 7d792df9a8d171157fab09102b52aca3
Red Hat Security Advisory 2017-1417-01
Posted Jun 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1417-01 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
MD5 | 99cf9de68f8e84856df2d79d2efa7399
Linux Kernel keyctl_set_reqkey_keyring Denial Of Service
Posted Jun 8, 2017
Authored by Marcus Meissner

Linux Kernel versions prior to 4.10.13 suffer from a keyctl_set_reqkey_keyring local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-7472
MD5 | 5537c76b901295124a6a34e3ee846129
PuTTY ssh_agent_channel_data Integer Overflow
Posted Jun 8, 2017
Authored by Tim Kosse

PuTTY versions prior to 0.68 suffer from an ssh_agent_channel_data integer overflow heap corruption vulnerability.

tags | exploit, overflow
advisories | CVE-2017-6542
MD5 | f8c6fafa56469fea00ed681d01e21b33
Artifex MuPDF mutool Null Pointer Dereference
Posted Jun 8, 2017
Authored by Kamil Frankowicz

Artifex MuPDF mutool suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-5991
MD5 | 4eb0cf875754fe1df7d995d59eb9d94e
VMware Workstation 12 Pro Denial Of Service
Posted Jun 8, 2017
Authored by Borja Merino

VMware Workstation version 12 Pro suffers from a null pointer dereference in the vstor2 driver.

tags | exploit, denial of service
advisories | CVE-2017-4916
MD5 | d862df7153ee21e797c4f41c85f8dd9d
Wireshark 2.2.12 ROS Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark versions 2.2.0 through 2.2.12 suffer from a ROS dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9347
MD5 | e4245cc557ad0dd74e4e5220da70fdd9
Linux Kernel ping Denial Of Service
Posted Jun 8, 2017
Authored by Daniel Jiang

The Linux kernel suffers from a ping local denial of service vulnerability.

tags | exploit, denial of service, kernel, local
systems | linux
advisories | CVE-2017-2671
MD5 | 050caf0f2bba36f695336234f51ebdcd
Wireshark 2.2.6 IPv6 Dissector Denial Of Service
Posted Jun 8, 2017
Authored by OSS-Fuzz

Wireshark version 2.2.6 suffers from an IPv6 dissector denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-9353
MD5 | b152c5fccea7e192eb3b90b6837915e7
Artifex MuPDF mujstest 1.10a Null Pointer Dereference
Posted Jun 8, 2017
Authored by Agostino Sarubbo

Artifex MuPDF mujstest version 1.10a suffers from a null pointer dereference vulnerability.

tags | exploit
advisories | CVE-2017-6060
MD5 | 2559a30aa483f0c6fede5684500fa67f
Net Monitor For Employees Pro Privilege Escalation
Posted Jun 8, 2017
Authored by Saeid Atabaki

Net Monitor for Employees Pro versions prior to 5.3.4 suffer from an unquoted service path privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-7180
MD5 | 2599b38b695b5f361244b28ccab63797
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close