exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2017-07-07

Ubuntu Security Notice USN-3350-1
Posted Jul 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3350-1 - Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Jiaqi Peng discovered that the poppler pdfunite tool incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause poppler to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-2820, CVE-2017-7511, CVE-2017-7515, CVE-2017-9083, CVE-2017-9406, CVE-2017-9408, CVE-2017-9775
SHA-256 | 52d790ac54064768358ec37b1553501b9e555e8c4d911d7636cbcb7a25c1132c
Yaws 1.91 Unauthenticated Remote File Disclosure
Posted Jul 7, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Yaws version 1.91 suffers from an unauthenticated remote file disclosure vulnerability.

tags | exploit, remote
SHA-256 | 75629368ff456f6677d01b2c26f455cf606a3403736db99f79919f9e33af3230
Firefox 54.0.1 Denial Of Service
Posted Jul 7, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Firefox version 54.0.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 3644ea8959431b6023ecedbd76add9ecd1247d5501ecede377afba4f441df58e
Apache Solar 5.5.4 / 6.5.1 Member Spoofing
Posted Jul 7, 2017
Authored by Noble Paul

Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected. Versions 5.3 through 5.5.4 and 6.0 through 6.5.1 are affected.

tags | advisory
advisories | CVE-2017-7660
SHA-256 | 6c61f7b4afc578465540747541333350b5a441f277a267e49bdeb7f8ff5ec221
Microsoft Office 365 Enterprise E3 Insufficient Session Expiration
Posted Jul 7, 2017
Authored by Micha Borrmann | Site syss.de

Microsoft Office 365 Enterprise E3 suffers from an insufficient session expiration vulnerability.

tags | exploit
SHA-256 | 71b7c538dc235667bda1e21c050149a2a4aa82d2b550a41e97c9f1758d8d7dbf
EMC ESRS Policy Manager Undocumented Account
Posted Jul 7, 2017
Authored by Travis Emmert | Site emc.com

EMC ESRS Policy Manager is affected by an undocumented account vulnerability that could potentially be leveraged by malicious users to compromise the affected system. Versions prior to 6.8 are affected.

tags | advisory
advisories | CVE-2017-4976
SHA-256 | a87cd48c69fcdf45011328a78ebafc29111d5605f8614d3c1dc95fcd245c5db9
EMC Data Protection Advisor SQL Injection / Path Traversal
Posted Jul 7, 2017
Authored by rgod | Site emc.com

EMC Data Protection Advisor versions prior to 6.4 suffer from remote SQL injection and path traversal vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2017-8002, CVE-2017-8003
SHA-256 | 05cb312b3d51461c4a374866f6a1305114602a8066f88e5c75ce51159ee2643d
Solarwinds LEM 6.3.1 Hardcoded Credentials
Posted Jul 7, 2017
Authored by Matthew Bergin, Joshua Hardin | Site korelogic.com

Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has hard-coded credentials.

tags | exploit
SHA-256 | db2280c889805e3b1cc8bca7d28bca9faff15b7e7003176695d43071203d731f
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack
Posted Jul 7, 2017
Authored by Matthew Bergin, Joshua Hardin | Site korelogic.com

Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability.

tags | exploit
SHA-256 | b5f3e2e56c5e431a0f7904096cd26eb5b819f5e04765f0ca18b7e34eeb0f1740
Microsoft .NET Privilege Escalation
Posted Jul 7, 2017
Authored by Stefan Kanthak

Microsoft .NET suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 156ffe5f8f2e0bd1e5ac5eda8e6abbdda326e4a2e4b7bd5843f3169e215c36ca
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close