what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-07-10

ToorCon 19 Call For Papers
Posted Jul 10, 2017
Site sandiego.toorcon.net

ToorCon 19 has announced its call for papers. This conference will take place September 1st through the 3rd, 2017 in San Diego, CA, USA.

tags | paper, conference
SHA-256 | 9378c58ee8df3c9b3b70a77e187a1b806f4b47c65b9841261fb86f6ccfbab2fe
Gentoo Linux Security Advisory 201707-14
Posted Jul 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-14 - A vulnerability in Gajim might allow remote attackers to intercept encrypted communications. Versions less than 0.16.6-r1 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2016-10376
SHA-256 | 14061d651f634c181526cf898234562b16fc9cae65c32ce919e86bd8af592d5a
Apache Impala 2.8.0 Plain-Text Information Disclosure
Posted Jul 10, 2017
Authored by Cloudera

Apache Impala versions 2.7.0 through 2.8.0 suffers from an information disclosure vulnerability. During a routine security analysis, it was found that one of the ports sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift transport when TLS was turned on. It was therefore possible for an adversary, with access to the network, to eavesdrop on the packets going to and coming from that port and view the data in plaintext.

tags | advisory, info disclosure
advisories | CVE-2017-5652
SHA-256 | 9d6740860e247c5122b885eb42592febbeb1b3bea900a57c4b0ef357fc6833f7
Apache Impala 2.8.0 Authentication Bypass
Posted Jul 10, 2017
Authored by Cloudera

Apache Impala versions 2.7.0 through 2.8.0 suffers from an information disclosure vulnerability. It was noticed that a malicious process impersonating an Impala daemon could cause Impala daemons to skip authentication checks when Kerberos is enabled (but TLS is not). If the malicious server responds with 'COMPLETE' before the SASL handshake has completed, the client will consider the handshake as completed even though no exchange of credentials has happened.

tags | advisory, info disclosure
advisories | CVE-2017-5640
SHA-256 | 42ff9ba9104648f3be1be36d796e18b3544aec2dd430aad20cabf54b1a48428f
Rise Ultimate Project Manager 1.8 Cross Site Scripting
Posted Jul 10, 2017
Authored by 8bitsec

Rise Ultimate Project Manager version 1.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | abbcd5b74402eca5065ba760c564c5efacf4dd08268be3358eabb0edc8f8137d
HPE Security Bulletin HPESBNS03755 1
Posted Jul 10, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBNS03755 1 - HPE NonStop Server using Samba is vulnerable to remote code execution and remote access restriction bypass. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2017-2619, CVE-2017-7494
SHA-256 | 6264307a040e00f452b44dd1e3a75e45b9b8464c01f2410521a492ef1512dc09
Pulse Connect Secure 8.3R1 CSRF / XSS
Posted Jul 10, 2017
Authored by sxcurity | Site insecurity.zone

Pulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | ad86da8785aaa8ca2390ee8a6f874325abd63f699f8263e9bb32778e0cf32bb7
Slackware Security Advisory - irssi Updates
Posted Jul 10, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-10965, CVE-2017-10966
SHA-256 | ea484f9cfc361229c332fca5451e66f92c9fad2b264d46630bff068eceece894
Gentoo Linux Security Advisory 201707-13
Posted Jul 10, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-13 - Multiple vulnerabilities have been found in libcroco, the worst of which may have unspecified impacts. Versions less than 0.6.12-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-7960, CVE-2017-7961
SHA-256 | 9e16b68d5b7bda87811348307004256bda84b56ed2cbbad18e0ca30251f8cebc
Debian Security Advisory 3905-1
Posted Jul 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3905-1 - Two security issues have been discovered in the X.org X server, which may lead to privilege escalation or an information leak.

tags | advisory
systems | linux, debian
advisories | CVE-2017-10971, CVE-2017-10972
SHA-256 | 84abeb4f6565c3c570841f0138f556386bae6f29d2bcc6bb544769112c3332da
Gentoo Linux Security Advisory 2017-07-12
Posted Jul 10, 2017
Site security.gentoo.org

Gentoo Linux Security Advisory 2017-07-12 - A vulnerability in MAN DB allows local users to gain root privileges. Versions less than 2.7.6.1-r2 are affected.

tags | advisory, local, root
advisories | CVE-2015-1336
SHA-256 | 889c0eaa2230049d88045d612fc1dc464bcd4f1355d02360028969540c6b0cff
NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.4 Command Injection
Posted Jul 10, 2017
Authored by Paul Taylor

NfSen version 1.3.7 and AlienVault USM/OSSIM version 5.3.4 suffer from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2017-6971
SHA-256 | 95d2698b9bc2ea6a348d98c0e7be5759acfc23cd3feb8a3ccd45bbe1ab8f1470
NfSen 1.3.7 / AlienVault USM/OSSIM 5.3.6 Local Root
Posted Jul 10, 2017
Authored by Paul Taylor

NfSen versions 1.3.7 and below and AlienVault USM/OSSIM versions 5.3.6 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-6970
SHA-256 | a8b33f56ffd726c88dbc984a9d7a8588f36a32cd8aedb73c518ecc1dead228c9
DNS/DNSSEC RR Stub Resolver Denial Of Service
Posted Jul 10, 2017
Authored by Todor Donev

DNS/DNSSEC RR stub resolvers amplification distributed denial of service exploit.

tags | exploit, denial of service
SHA-256 | 48c04b12787ef447ed8fda946ee2b687a596c4a666617e2dc8df00396b64cc3b
CRLF Injector
Posted Jul 10, 2017
Authored by Rudra Sarkar

This is a python script for testing CRLF injecting issues.

tags | tool, scanner, python
systems | unix
SHA-256 | 269d0bfcbe035b834d1b3fec15668b84eda71e5789d1c7ce78a66a85d86caf41
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close