Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-06-22

Cisco Prime Infrastructure 3.1.6 XXE Injection / XSS / LFD / SQL Injection
Posted Jun 22, 2017
Authored by P. Morimoto | Site sec-consult.com

Cisco Prime Infrastructure versions 1.1 through 3.1.6 suffer from cross site scripting, XML external entity injection, file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
systems | cisco
advisories | CVE-2017-6662, CVE-2017-6698, CVE-2017-6699, CVE-2017-6700
MD5 | a015626c21297363f1b2f3b6319821c8
Gentoo Linux Security Advisory 201706-21
Posted Jun 22, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-21 - A cache-related side channel vulnerability was found in nettle which might allow an attacker to obtain sensitive information. Versions less than 3.2-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-6489
MD5 | a3cbce443396e3e01768173890c30f42
Ubuntu Security Notice USN-3339-1
Posted Jun 22, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3339-1 - Karthikeyan Bhargavan and Gaetan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warning to the log file when a 64-bit block cipher is in use. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that OpenVPN incorrectly handled rollover of packet ids. An authenticated remote attacker could use this issue to cause OpenVPN to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-6329, CVE-2017-7479, CVE-2017-7508, CVE-2017-7512, CVE-2017-7520, CVE-2017-7521
MD5 | d3cafbb3d6cf1f0190409317b5d44266
Gentoo Linux Security Advisory 201706-23
Posted Jun 22, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-23 - Multiple vulnerabilities have been found in Urban Terror, the worst of which allows for the remote execution of arbitrary code. Versions less than 4.3.2_p20170426 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1412, CVE-2011-2764, CVE-2011-3012, CVE-2012-3345
MD5 | 4f0ee8947eb20edbfc34b50ad0edb456
Debian Security Advisory 3893-1
Posted Jun 22, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3893-1 - Alvaro Munoz and Christian Schneider discovered that jython, an implementation of the Python language seamlessly integrated with Java, is prone to arbitrary code execution triggered when sending a serialized function to the deserializer.

tags | advisory, java, arbitrary, code execution, python
systems | linux, debian
advisories | CVE-2016-4000
MD5 | b8ba5a4ab403058f5b4a58ef979ff381
Gentoo Linux Security Advisory 201706-22
Posted Jun 22, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-22 - Multiple vulnerabilities have been found in libksba which might allow remote attackers to obtain sensitive information or crash an libksba-based application. Versions less than 1.3.5 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2016-4579
MD5 | 92182dff40a0bcb25b688b2ada8caaef
SimpleRisk 20170416-001 Cross Site Scripting
Posted Jun 22, 2017
Authored by LiquidWorm | Site zeroscience.mk

SimpleRisk version 20170416-001 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cc6ee041f9ef0acdd8e3fb8dbdcb6dfb
Blackcat CMS 1.2 Cross Site Scripting
Posted Jun 22, 2017
Authored by Faiz Ahmed Zaidi

Blackcat CMS version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-9609
MD5 | 668cadbe054cbbd74a06fb0a595e0503
Slackware Security Advisory - openvpn Updates
Posted Jun 22, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-7508, CVE-2017-7512, CVE-2017-7520, CVE-2017-7521, CVE-2017-7522
MD5 | cbfc8242ea06a8baac440b5d71ba2960
Kernel Live Patch Security Notice LSN-0024-1
Posted Jun 22, 2017
Authored by Benjamin M. Romer

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges.

tags | advisory, arbitrary, kernel
systems | linux
advisories | CVE-2017-1000364
MD5 | 802d5d0c1e8f0c95c047a7f9331ccb3d
DAVOSET 1.3.4
Posted Jun 22, 2017
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Support added for an XXE vulnerability in Qlikview. New services into lists of zombies and removed non-working services from lists of zombies.
tags | tool, denial of service
MD5 | d5dd78793564fb2262d358d23eee5998
Linux 4.10.1 Double-Fetch
Posted Jun 22, 2017
Authored by Pengfei Wang

Linux kernel versions 4.10.1 and below suffer from a double-fetch vulnerability.

tags | advisory, kernel
systems | linux
advisories | CVE-2017-8831
MD5 | ae616a219ada3d4187b43ded936abd80
PayPal Marketing User Enumeration
Posted Jun 22, 2017
Authored by Chamli

PayPal's Marketing Online Service suffers from a user enumeration vulnerability.

tags | exploit
MD5 | e5c3f9c104584625593cdc59eb1620ca
Vaadin 7.7.6 Cross Site Scripting
Posted Jun 22, 2017
Authored by Caleb Cushing

Vaadin version 7.7.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a18a2b3a6b79a8e884de918c1aca80f0
OffensiveCon Berlin 2018 Call For Papers
Posted Jun 22, 2017
Site offensivecon.org

OffensiveCon Berlin 2018 has announced its call for papers. It will take place February 16th through the 17th, 2018 in Berlin, Germany.

tags | paper, conference
MD5 | 32acfe671da7b738e3a0ce113154dc3d
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close